VIRY.CZ

Zdravím, doufám že mi nějaký z přítomných polo-bohů řekne, že mám PC v naprostém pořádku, nebo mi ho vyléčí nadpřirozenou silou

Log RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Foxtrot at 2011-08-27 22:50:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 430 GB (45%) free of 954 GB
Total RAM: 6142 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:50:16, on 27.8.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\DAODx.exe
C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x86\LCDMedia.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Foxtrot.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ost&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.DLL
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} - (no file)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stahnou vse FlashGet3 - C:\Users\Ondřej\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Stahnout FlashGet3 - C:\Users\Ondřej\AppData\Roaming\FlashGetBHO\GetUrl.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://software.kuaiche.com
O15 - ESC Trusted IP range: http://5.0.0.1
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Remote Connections Service (FlexService) - BitMicro Software Corporation - C:\Program Files (x86)\RapidBIT\cisvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10034 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k LocalService
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1ee97eb7-8ce2-4e20-a821-2c2518eb4cb1 -SystemEventPortName:HostProcess-1a2ca800-0aae-4fa3-b8af-43557723ef2d -IoCancelEventPortName:HostProcess-82267ed1-d2c9-49af-87d8-08efe11eb9bf -NonStateChangingEventPortName:HostProcess-80590c79-737d-446d-a72f-142b0c4d001c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8586e74a-bdc0-4c1a-83ef-9dd1dfa3487c
atieclxx
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-79c97da5-a703-412e-a4b9-234394e7c0df -SystemEventPortName:HostProcess-8d04a538-e548-448b-9e46-e9b528f16707 -IoCancelEventPortName:HostProcess-25f7494d-339a-41e3-8c60-552ba92332be -NonStateChangingEventPortName:HostProcess-208b4902-b2c9-4245-bd33-5febbe034498 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d94d17f1-5b63-4c7c-bce6-c495c6b75d85
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
taskeng.exe {E45E2367-9DF8-4F26-A146-84F71B13964A}
C:\Windows\DAODx.exe
"C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\CNAC4RPD.EXE
C:\Windows\SysWOW64\svchost.exe -k Akamai
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\diMaster.dll" /prefetch:1
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /SkipFUE /RemoteOCXLaunch
"C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe" /c /a /s UserSession
"taskhost.exe"
"C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x86\LCDMedia.exe"
"C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x64\LCDClock.exe"
WLIDSvcM.exe 2080
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\RapidBIT\cidaemon.exe" -svr
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2988.14e3cf10.1195469893 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.6.0 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.jar" 2988 "\\.\pipe\gecko-crash-server-pipe.2988" plugin
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544
"C:\Users\Ondřej\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\7dwq5gwl.default

prefs.js - "browser.startup.homepage" - "chrome://speeddial/content/speeddial.xul|chrome://speeddial/content/speeddial.xul"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@IObitBar.com/Plugin]
"Description"=IObit Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.11]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\7dwq5gwl.default\extensions\
cs@dictionaries.addons.mozilla.org
en-US@dictionaries.addons.mozilla.org
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-08-27 75656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll [2011-04-29 436152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.DLL [2011-03-31 210872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-08-06 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll [2011-04-29 436152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2010-11-16 104008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-06-15 15141768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-06-06 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-08-22 499608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe -launchedbylogin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 4]
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -automount []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CtaMon]
Rundll32 CtaMon.dll,RunMonitor []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-06-24 1744152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods]
C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe /md I []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.4\ICQ.exe [2011-02-14 119608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObitBar Browser Plugin Loader]
C:\PROGRA~2\IObitBar\toolbar\1.bin\i0brmon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-07-19 421736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LCDMon]
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LGDCore]
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe /SHOWHIDE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LgDeviceAgent]
C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2010-09-17 57928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-04 1955208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\manager]
C:\Windows\System32\drivers\setup\manager.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-01-22 106496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OutpostFeedBack]
C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe /dump:os_startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OutpostMonitor]
C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe /tray /noservice []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2011-04-18 3071384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2011-07-05 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-01-29 10038304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rundll32]
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Six Engine]
C:\Program Files (x86)\ASUS\EPU\EPU.exe [2010-03-16 5309056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartRAM]
C:\Program Files (x86)\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe /m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-24 336384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2011-08-02 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TurboV EVO]
C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe [2010-04-07 9919104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VolPanel]
C:\Program Files (x86)\Creative\SB Arena Surround Headset\Volume Panel\VolPanlu.exe [2009-05-04 241789]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Canon LBP5000 Status Window.lnk]
C:\Windows\System32\spool\drivers\x64\3\CNAC4LAD.EXE [2010-02-04 60384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~2\MCAFEE~1\202B13~1.181\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ondřej^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lingea Update Center.lnk]
C:\PROGRA~2\COMMON~1\LINGEA~1\luc.exe [2008-08-06 275736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ondřej^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
C:\PROGRA~2\COMMON~1\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ondřej^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~2\MAGICD~1\MAGICD~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ondřej^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ondřej^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_30843185.lnk]
C:\Users\Ondřej\AppData\Local\Temp\_uninst_30843185.bat []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2011-07-11 74752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-06-17 68376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux5"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"msacm.lameacm"=LameACM.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2050-08-03 11:34:09 ----D---- C:\Program Files (x86)\Cracklock
2011-08-27 22:26:23 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2011-08-27 22:26:03 ----A---- C:\Windows\system32\javaws.exe
2011-08-27 22:26:03 ----A---- C:\Windows\system32\javaw.exe
2011-08-27 22:26:03 ----A---- C:\Windows\system32\java.exe
2011-08-27 22:22:18 ----A---- C:\Users\Ondřej\AppData\Roaming\pcouffin.sys
2011-08-27 22:22:18 ----A---- C:\Users\Ondřej\AppData\Roaming\inst.exe
2011-08-27 22:18:33 ----D---- C:\Program Files (x86)\FileHippo.com
2011-08-27 20:28:41 ----A---- C:\Windows\ntbtlog.txt
2011-08-27 19:58:45 ----RA---- C:\Windows\system32\drivers\SymIMV.sys
2011-08-27 19:39:17 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2011-08-27 19:39:15 ----D---- C:\Program Files\Symantec
2011-08-27 19:39:15 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-08-27 19:39:15 ----A---- C:\Windows\system32\drivers\SYMEVENT64x86.SYS
2011-08-27 19:38:46 ----D---- C:\Program Files (x86)\Norton 360
2011-08-27 19:38:14 ----D---- C:\Program Files (x86)\NortonInstaller
2011-08-25 08:37:12 ----D---- C:\Program Files\Microsoft Windows Performance Toolkit
2011-08-25 08:36:55 ----D---- C:\Program Files\Microsoft Help Viewer
2011-08-25 08:35:30 ----D---- C:\Program Files\Debugging Tools for Windows (x64)
2011-08-25 08:35:17 ----D---- C:\Program Files\Application Verifier (x64)
2011-08-25 08:35:17 ----D---- C:\Program Files (x86)\Application Verifier
2011-08-25 08:33:07 ----D---- C:\Windows\symbols
2011-08-25 08:33:06 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2011-08-25 08:25:36 ----D---- C:\Program Files\Microsoft SDKs
2011-08-24 10:32:44 ----D---- C:\Users\Ondřej\AppData\Roaming\Mozilla
2011-08-24 10:32:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-08-23 22:09:26 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-08-23 22:09:26 ----A---- C:\Windows\system32\tzres.dll
2011-08-23 21:19:10 ----D---- C:\Program Files (x86)\Mp3tag
2011-08-22 14:44:41 ----D---- C:\Program Files (x86)\Adobe Story
2011-08-19 12:45:57 ----D---- C:\Users\Ondřej\AppData\Roaming\FileHunter
2011-08-19 12:15:48 ----D---- C:\Program Files (x86)\Adobe Download Assistant
2011-08-18 20:46:09 ----D---- C:\Windows\SYSWOW64\drivers\setup
2011-08-18 20:30:30 ----D---- C:\Users\Ondřej\AppData\Roaming\Imagenomic
2011-08-16 22:13:19 ----D---- C:\Users\Ondřej\AppData\Roaming\Tropico 3
2011-08-16 22:05:04 ----D---- C:\Program Files (x86)\Kalypso
2011-08-15 12:15:59 ----D---- C:\Program Files\Logitech
2011-08-14 10:35:15 ----D---- C:\Users\Ondřej\AppData\Roaming\Macro Recorder
2011-08-14 10:04:46 ----D---- C:\Program Files (x86)\Aldo's Macro Recorder - SHAREWARE VERSION
2011-08-14 09:47:36 ----D---- C:\Users\Ondřej\AppData\Roaming\Easy Macro Recorder
2011-08-14 09:47:35 ----D---- C:\Program Files (x86)\Easy Macro Recorder
2011-08-13 14:54:57 ----D---- C:\Program Files (x86)\Movie Subtitles Searcher
2011-08-12 22:09:28 ----SHD---- C:\ProgramData\SecuROM
2011-08-12 19:32:03 ----A---- C:\Windows\SYSWOW64\CmdLineExt_x64.dll
2011-08-11 00:05:10 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-08-11 00:05:10 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-11 00:05:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-08-11 00:05:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-08-11 00:05:09 ----A---- C:\Windows\system32\ieui.dll
2011-08-11 00:05:09 ----A---- C:\Windows\system32\iertutil.dll
2011-08-11 00:05:08 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-08-11 00:05:08 ----A---- C:\Windows\SYSWOW64\url.dll
2011-08-11 00:05:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-08-11 00:05:08 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-08-11 00:05:08 ----A---- C:\Windows\system32\urlmon.dll
2011-08-11 00:05:08 ----A---- C:\Windows\system32\url.dll
2011-08-11 00:05:08 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-11 00:05:08 ----A---- C:\Windows\system32\jscript9.dll
2011-08-11 00:05:08 ----A---- C:\Windows\system32\jscript.dll
2011-08-11 00:05:07 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-08-11 00:05:07 ----A---- C:\Windows\system32\wininet.dll
2011-08-11 00:05:06 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-08-11 00:05:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-08-11 00:05:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-08-11 00:05:03 ----A---- C:\Windows\system32\mshtml.dll
2011-08-11 00:05:03 ----A---- C:\Windows\system32\ieframe.dll
2011-08-10 11:01:31 ----A---- C:\Windows\CSC_ActiveCleanLog.dat
2011-08-10 09:57:16 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2011-08-10 09:54:56 ----A---- C:\Windows\system32\.ini
2011-08-10 09:25:23 ----A---- C:\james.bat
2011-08-10 09:23:40 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2011-08-10 09:23:40 ----A---- C:\Windows\system32\xmllite.dll
2011-08-10 09:23:39 ----A---- C:\Windows\system32\odbccu32.dll
2011-08-10 09:23:39 ----A---- C:\Windows\system32\odbccr32.dll
2011-08-10 09:23:39 ----A---- C:\Windows\system32\odbccp32.dll
2011-08-10 09:23:38 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2011-08-10 09:23:38 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2011-08-10 09:23:38 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2011-08-10 09:23:38 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2011-08-10 09:23:38 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2011-08-10 09:23:38 ----A---- C:\Windows\system32\odbctrac.dll
2011-08-10 09:23:36 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-10 09:23:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-08-10 09:23:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-10 09:23:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-08-10 09:23:32 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-08-10 09:23:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-08-10 09:23:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-08-10 09:23:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-08-10 09:23:32 ----A---- C:\Windows\system32\wow64win.dll
2011-08-10 09:23:32 ----A---- C:\Windows\system32\wow64cpu.dll
2011-08-10 09:23:32 ----A---- C:\Windows\system32\wow64.dll
2011-08-10 09:23:32 ----A---- C:\Windows\system32\winsrv.dll
2011-08-10 09:23:32 ----A---- C:\Windows\system32\ntvdm64.dll
2011-08-10 09:23:32 ----A---- C:\Windows\system32\KernelBase.dll
2011-08-10 09:23:32 ----A---- C:\Windows\system32\kernel32.dll
2011-08-10 09:23:32 ----A---- C:\Windows\system32\conhost.exe
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-10 09:23:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-10 09:23:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-08-10 09:23:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-08-10 09:23:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-08-10 09:23:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-10 09:23:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-10 09:23:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-08-10 09:23:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-08-10 09:23:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-08-10 09:23:30 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-10 09:23:30 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-10 09:23:30 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-10 09:23:30 ----A---- C:\Windows\SYSWOW64\user.exe
2011-08-10 09:23:30 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-08-10 09:23:29 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-10 09:23:26 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-08-10 09:23:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-10 09:23:25 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-08-09 16:50:33 ----D---- C:\Program Files (x86)\x264vfw
2011-08-09 16:40:39 ----D---- C:\LAME
2011-08-09 16:40:25 ----D---- C:\x264
2011-08-09 12:53:38 ----D---- C:\Users\Ondřej\AppData\Roaming\DivX
2011-08-09 12:52:34 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2011-08-09 12:52:34 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2011-08-09 12:52:34 ----A---- C:\Windows\system32\xvidvfw.dll
2011-08-09 12:52:34 ----A---- C:\Windows\system32\xvidcore.dll
2011-08-09 12:52:25 ----D---- C:\Program Files (x86)\Xvid
2011-08-09 12:50:39 ----D---- C:\Program Files\DivX
2011-08-09 12:43:35 ----D---- C:\Program Files (x86)\DivX
2011-08-09 12:39:42 ----D---- C:\ProgramData\DivX
2011-08-08 23:45:57 ----D---- C:\Users\Ondřej\AppData\Roaming\Apple ComputerMobileSyncBackup9ce233856af2a7047135714444af7b95452e085c
2011-08-08 23:45:57 ----D---- C:\Users\Ondřej\AppData\Roaming\Apple ComputerMobileSyncBackup
2011-08-07 18:39:52 ----D---- C:\Program Files (x86)\QuickTime
2011-08-06 20:03:26 ----D---- C:\Users\Ondřej\AppData\Roaming\TeamViewer
2011-08-06 17:39:10 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-08-06 17:39:10 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-08-06 17:39:10 ----A---- C:\Windows\SYSWOW64\java.exe
2011-08-05 17:03:03 ----D---- C:\Users\Ondřej\AppData\Roaming\Aunsoft
2011-08-05 10:49:49 ----D---- C:\Program Files (x86)\VS Revo Group
2011-08-04 20:43:32 ----A---- C:\Windows\CD_Start.INI
2011-08-04 15:22:55 ----D---- C:\Users\Ondřej\AppData\Roaming\.minecraft
2011-08-03 20:53:08 ----D---- C:\Program Files (x86)\iOrgSoft
2011-08-03 20:39:52 ----D---- C:\Program Files (x86)\YouTube Video Downloader
2011-08-02 21:37:47 ----D---- C:\Program Files\Sony
2011-08-02 19:47:51 ----A---- C:\fftoutput.txt
2011-08-02 19:46:46 ----D---- C:\Users\Ondřej\AppData\Roaming\Screaming Bee
2011-08-02 19:46:24 ----D---- C:\ProgramData\Screaming Bee
2011-08-02 15:59:15 ----D---- C:\ProgramData\boost_interprocess
2011-08-02 12:52:40 ----D---- C:\Users\Ondřej\AppData\Roaming\Sytexis Software
2011-08-02 12:52:37 ----D---- C:\Program Files (x86)\Sytexis Software
2011-08-01 22:33:27 ----D---- C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
2011-08-01 20:37:42 ----D---- C:\Users\Ondřej\AppData\Roaming\DAEMON Tools Lite
2011-07-31 23:44:28 ----D---- C:\Windows\cs
2011-07-31 23:42:47 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-07-31 23:41:44 ----D---- C:\Program Files (x86)\Windows Live
2011-07-30 17:19:40 ----D---- C:\Users\Ondřej\AppData\Roaming\ts3overlay
2011-07-28 22:39:47 ----D---- C:\Windows\SYSWOW64\Adobe

======List of files/folders modified in the last 1 month======

2011-08-27 22:50:15 ----D---- C:\Program Files\trend micro
2011-08-27 22:46:19 ----D---- C:\Windows\Temp
2011-08-27 22:44:09 ----D---- C:\Windows\system32\config
2011-08-27 22:31:59 ----D---- C:\Users\Ondřej\AppData\Roaming\Skype
2011-08-27 22:29:54 ----SHD---- C:\System Volume Information
2011-08-27 22:29:46 ----D---- C:\Windows\system32\drivers
2011-08-27 22:27:36 ----D---- C:\Program Files (x86)\Notepad++
2011-08-27 22:27:34 ----D---- C:\Users\Ondřej\AppData\Roaming\Notepad++
2011-08-27 22:26:23 ----RD---- C:\Program Files (x86)
2011-08-27 22:26:18 ----SHD---- C:\Windows\Installer
2011-08-27 22:26:03 ----D---- C:\Windows\System32
2011-08-27 22:25:48 ----A---- C:\Windows\system32\deployJava1.dll
2011-08-27 22:25:47 ----D---- C:\Program Files\Java
2011-08-27 22:24:51 ----D---- C:\Windows\system32\DriverStore
2011-08-27 22:24:51 ----D---- C:\Windows\system32\catroot
2011-08-27 22:24:51 ----D---- C:\Windows\inf
2011-08-27 22:22:26 ----D---- C:\Windows\SysWOW64
2011-08-27 22:22:26 ----D---- C:\Program Files (x86)\VSO
2011-08-27 22:22:18 ----D---- C:\Users\Ondřej\AppData\Roaming\Vso
2011-08-27 22:21:31 ----D---- C:\Program Files (x86)\Free MOV to AVI Converter
2011-08-27 22:21:01 ----D---- C:\Windows
2011-08-27 22:20:46 ----D---- C:\Program Files (x86)\AVS4YOU
2011-08-27 21:59:02 ----D---- C:\Program Files (x86)\Zaklínač
2011-08-27 21:58:31 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-08-27 21:51:36 ----D---- C:\Users\Ondřej\AppData\Roaming\uTorrent
2011-08-27 21:04:04 ----D---- C:\ProgramData\Norton
2011-08-27 20:33:54 ----D---- C:\Windows\system32\catroot2
2011-08-27 20:20:25 ----D---- C:\Windows\system32\Tasks
2011-08-27 20:18:36 ----D---- C:\Windows\pss
2011-08-27 20:15:13 ----D---- C:\Windows\system32\drivers\N360x64
2011-08-27 20:05:06 ----D---- C:\Windows\Prefetch
2011-08-27 19:39:17 ----DC---- C:\Windows\system32\DRVSTORE
2011-08-27 19:39:15 ----RD---- C:\Program Files
2011-08-27 19:39:15 ----D---- C:\Program Files\Common Files
2011-08-27 19:38:16 ----D---- C:\ProgramData\NortonInstaller
2011-08-27 19:34:36 ----D---- C:\ProgramData
2011-08-27 19:24:11 ----D---- C:\Program Files\CCleaner
2011-08-25 09:48:26 ----D---- C:\Windows\Microsoft.NET
2011-08-25 09:46:56 ----RSD---- C:\Windows\assembly
2011-08-25 08:56:22 ----D---- C:\Windows\Minidump
2011-08-25 08:56:22 ----D---- C:\Users\Ondřej\AppData\Roaming\Winamp
2011-08-25 08:25:37 ----D---- C:\Program Files (x86)\MSBuild
2011-08-25 02:25:57 ----D---- C:\Windows\rescache
2011-08-24 10:44:02 ----D---- C:\ProgramData\Kaspersky Lab
2011-08-24 10:25:03 ----D---- C:\Program Files (x86)\Google
2011-08-23 22:10:10 ----D---- C:\Windows\winsxs
2011-08-23 22:09:58 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-08-23 22:09:58 ----D---- C:\Windows\system32\cs-CZ
2011-08-22 22:07:21 ----D---- C:\Windows\Downloaded Program Files
2011-08-22 19:31:18 ----D---- C:\Users\Ondřej\AppData\Roaming\vlc
2011-08-22 18:02:53 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2011-08-22 18:02:24 ----ASD---- C:\ProgramData\Microsoft
2011-08-22 18:02:24 ----A---- C:\Windows\SurCode.INI
2011-08-22 14:49:30 ----D---- C:\Program Files (x86)\Adobe
2011-08-22 14:47:59 ----D---- C:\Program Files\Common Files\Adobe
2011-08-22 14:47:59 ----D---- C:\Program Files\Adobe
2011-08-22 14:45:08 ----RSD---- C:\Windows\Fonts
2011-08-21 18:48:29 ----D---- C:\Program Files (x86)\JDownloader
2011-08-21 18:03:48 ----D---- C:\Users\Ondřej\AppData\Roaming\Adobe
2011-08-21 17:37:46 ----D---- C:\Windows\system32\drivers\etc
2011-08-21 17:30:50 ----D---- C:\ProgramData\Adobe
2011-08-18 21:16:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-18 20:46:09 ----D---- C:\Windows\SYSWOW64\drivers
2011-08-16 16:52:32 ----D---- C:\Program Files (x86)\Common Files
2011-08-16 14:48:53 ----D---- C:\Windows\SYSWOW64\directx
2011-08-16 14:48:41 ----HD---- C:\Windows\msdownld.tmp
2011-08-16 14:02:10 ----D---- C:\Program Files (x86)\Cheat Engine 6.1
2011-08-15 12:16:56 ----D---- C:\Program Files\Common Files\LogiShrd
2011-08-15 12:16:05 ----D---- C:\ProgramData\Logishrd
2011-08-14 10:02:41 ----D---- C:\Program Files (x86)\NemoKProd
2011-08-14 10:00:18 ----D---- C:\Program Files (x86)\Macro Wizard 4.1
2011-08-12 19:40:08 ----D---- C:\Program Files (x86)\Rockstar Games
2011-08-11 12:24:19 ----D---- C:\Program Files (x86)\ATI Technologies
2011-08-11 12:22:36 ----D---- C:\AMD
2011-08-11 12:15:28 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-08-11 12:07:37 ----D---- C:\Program Files\TeamSpeak 3 Client
2011-08-11 00:37:59 ----D---- C:\Windows\SYSWOW64\migration
2011-08-11 00:37:59 ----D---- C:\Windows\system32\migration
2011-08-11 00:37:59 ----D---- C:\Windows\AppPatch
2011-08-11 00:37:59 ----D---- C:\Program Files\Internet Explorer
2011-08-11 00:37:59 ----D---- C:\Program Files (x86)\Internet Explorer
2011-08-11 00:10:57 ----A---- C:\Windows\system32\MRT.exe
2011-08-10 20:03:22 ----D---- C:\Program Files (x86)\Steam
2011-08-10 10:02:21 ----D---- C:\Users\Ondřej\AppData\Roaming\FileZilla
2011-08-10 09:50:31 ----D---- C:\Program Files (x86)\Symantec
2011-08-10 09:50:22 ----D---- C:\ProgramData\Symantec
2011-08-10 09:32:54 ----D---- C:\rafazon
2011-08-09 16:42:19 ----D---- C:\Users\Ondřej\AppData\Roaming\Publish Providers
2011-08-09 12:57:41 ----AD---- C:\ProgramData\Temp
2011-08-09 12:57:32 ----D---- C:\Windows\Tasks
2011-08-07 11:33:07 ----D---- C:\Windows\system32\wdi
2011-08-06 17:38:58 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2011-08-06 17:32:01 ----D---- C:\Program Files (x86)\Java
2011-08-06 16:46:57 ----D---- C:\Windows\system32\wfp
2011-08-06 16:46:54 ----D---- C:\Windows\system32\wbem
2011-08-06 16:45:35 ----D---- C:\Windows\AppCompat
2011-08-06 16:45:22 ----D---- C:\Program Files (x86)\MinecraftAlpha
2011-08-06 16:45:13 ----D---- C:\Windows\registration
2011-08-03 21:19:38 ----D---- C:\Users\Ondřej\AppData\Roaming\Audacity
2011-08-03 00:07:55 ----D---- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
2011-08-02 21:58:55 ----D---- C:\Users\Ondřej\AppData\Roaming\Sony
2011-08-02 13:47:28 ----D---- C:\Windows\system32\NDF
2011-08-02 13:17:18 ----D---- C:\Program Files\CyberLink
2011-08-01 13:05:33 ----D---- C:\Fraps
2011-07-31 23:41:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-07-28 20:54:24 ----A---- C:\Windows\SYSWOW64\msjava.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-11 115824]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-03-04 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2011-02-23 18232]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-08-01 526392]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS [2011-01-27 450680]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS [2011-03-15 912504]
R0 Tpkd;Tpkd; C:\Windows\system32\drivers\Tpkd.sys [2010-09-30 105592]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-08-04 13440]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20110812.001\BHDrvx64.sys [2011-08-12 1151096]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2011-08-27 481912]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20110826.030\IDSvia64.sys [2011-08-26 488568]
R1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\N360x64\0501000.01D\SRTSP64.SYS [2011-03-31 744568]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\0501000.01D\SRTSPX64.SYS [2011-03-31 40568]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2011-03-31 43640]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS [2010-11-16 171128]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\N360x64\0501000.01D\SYMNETS.SYS [2011-03-22 382584]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-08-02 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-08-02 43680]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2010-09-17 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2010-09-17 72216]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-08 9884672]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-07-08 307712]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 Ctafiltv;Ctafiltv; C:\Windows\system32\drivers\Ctafiltv.sys [2008-08-14 24064]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-08-27 136824]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2010-08-21 34152]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-01-29 2260256]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-23 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-23 16008]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-04-30 66840]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2010-09-17 11552]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-04-30 60184]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110827.002\ENG64.SYS [2011-08-27 117880]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110827.002\EX64.SYS [2011-08-27 2048632]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-21 452200]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2011-08-27 174200]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-10-19 39480]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
S3 ALSysIO;ALSysIO; \??\C:\Users\ONDEJ~1\AppData\Local\Temp\ALSysIO64.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
S3 cmudaxp;ASUS Xonar DX Audio Interface; C:\Windows\system32\drivers\cmudaxp.sys []
S3 cpuz130;cpuz130; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-09-17 12744]
S3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-05-10 51712]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-07-08 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-05-24 365568]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe [2011-04-17 130008]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-06-01 75136]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-17 2358656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 FlexService;Remote Connections Service; C:\Program Files (x86)\RapidBIT\cisvc.exe [2009-05-17 41984]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-29 136176]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-08-03 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-08-03 79360]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-11-03 1030600]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-29 136176]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-07-19 934760]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-08-02 411432]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-22 1255736]
S4 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-04 2329480]
S4 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-06-17 359192]
S4 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2010-12-08 373640]
S4 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2010-12-08 147336]
S4 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2010-11-08 407424]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2010-08-19 386344]

-----------------EOF-----------------

Zdravim a pekny den preji

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  adp3132.sys
  AGP440.sys
  ahcix86.sys
  ahcix86s.sys
  atapi.sys
  autochk.exe
  cdrom.sys
  cngaudit.dll
  cryptsvc.dll
  eNetHook.dll
  eventlog.dll
  explorer.exe
  hal.dll
  Changer.sys
  iaStor.sys
  iastorv.sys
  IdeChnDr.sys
  isapnp.sys
  JakNDis.sys
  KR10N.sys
  logevent.dll
  lsass.exe
  mv61xx.sys
  ndis.sys
  netlogon.dll
  ntelogon.dll
  nvata.sys
  nvatabus.sys
  nvgts.sys
  nvraid.sys
  nvrd32.sys
  nvstor.sys
  nvstor32.sys
  scecli.dll
  sceclt.dll
  smss.exe
  svchost.exe
  symmpi.sys
  tcpip.sys
  userinit.exe
  vaxscsi.sys
  viamraid.sys
  viasraid.sys
  ViPrt.sys
  winlogon.exe
  ws2_32.dll
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job /lockedfiles
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  type c:\boot.ini >> test.txt /c
  %SystemDrive%\PhysicalMBR.bin /md5

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

OTL logfile created on: 28.8.2011 10:37:43 - Run 1
OTL by OldTimer - Version 3.2.26.6 Folder = C:\Users\Ondřej\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

6,00 Gb Total Physical Memory | 4,43 Gb Available Physical Memory | 73,90% Memory free
11,99 Gb Paging File | 10,27 Gb Available in Paging File | 85,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 435,89 Gb Free Space | 46,80% Space Free | Partition Type: NTFS

Computer Name: ONDŘEJ-PC | User Name: Foxtrot | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.08.28 10:35:04 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Ondřej\Desktop\OTL.exe
PRC - [2011.08.17 17:52:04 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.07.11 23:47:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.06.01 17:36:42 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.05.30 16:13:37 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x86\LCDMedia.exe
PRC - [2011.04.17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccsvchst.exe
PRC - [2010.11.20 14:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.04.02 15:21:50 | 001,109,632 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\TurboV EVO\TurboVHelp.exe
PRC - [2009.12.28 15:33:02 | 000,096,896 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2009.03.30 08:32:40 | 000,032,768 | R--- | M] () -- C:\Windows\DAODx.exe
PRC - [2009.02.23 12:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe


========== Modules (No Company Name) ==========

MOD - [2010.02.08 17:19:52 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\TurboV EVO\HookKey32.dll
MOD - [2009.09.30 05:33:08 | 000,024,576 | ---- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2009.03.30 08:32:40 | 000,032,768 | R--- | M] () -- C:\Windows\DAODx.exe
MOD - [2008.12.10 20:04:54 | 000,253,952 | ---- | M] () -- C:\Program Files\ASUS\TurboV EVO\pngio.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.07.08 05:25:02 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.06.17 09:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2011.05.24 23:18:38 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010.11.03 22:30:12 | 001,030,600 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010.08.19 17:43:24 | 000,386,344 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011.08.17 17:52:04 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.08.04 14:34:48 | 002,329,480 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.08.03 12:37:46 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_2da1ebd.dll -- (Akamai)
SRV - [2011.08.02 15:56:28 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.06.01 17:36:42 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.04.17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2010.12.08 14:12:10 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)
SRV - [2010.12.08 14:12:04 | 000,373,640 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010.11.08 13:04:20 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2010.08.03 13:06:04 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010.08.03 12:08:30 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010.07.01 04:45:02 | 000,136,616 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.12.28 15:33:02 | 000,096,896 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.17 05:16:24 | 000,041,984 | --S- | M] (BitMicro Software Corporation) [Auto | Stopped] -- C:\Program Files (x86)\RapidBIT\cisvc.exe -- (FlexService)
SRV - [2009.02.23 12:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.08.27 20:07:08 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011.08.01 20:42:37 | 000,526,392 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.07.08 17:45:12 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnets.sys -- (SymNetS)
DRV:64bit: - [2011.07.08 06:15:50 | 009,884,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.07.08 04:47:04 | 000,307,712 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.05.10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.04.30 13:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.04.30 13:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.03.31 05:04:12 | 000,043,640 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2011.03.31 05:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011.03.31 05:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011.03.30 20:46:44 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.03.21 13:22:06 | 000,452,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.15 04:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.04 21:44:12 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011.02.23 16:50:14 | 000,018,232 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2011.01.27 08:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symds64.sys -- (SymDS)
DRV:64bit: - [2010.12.08 14:12:30 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.16 03:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010.09.30 14:53:20 | 000,105,592 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2010.09.17 16:40:06 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2010.09.17 16:39:58 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2010.08.21 06:59:12 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2010.08.02 16:31:45 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.08.02 16:31:45 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.07.01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010.05.06 11:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010.01.22 12:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.01.22 12:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.01.11 13:28:35 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009.11.23 17:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.23 17:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.10.19 14:45:54 | 000,039,480 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008.12.26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV:64bit: - [2008.09.17 14:14:00 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Entech64.sys -- (ENTECH64)
DRV:64bit: - [2008.08.14 08:48:33 | 000,024,064 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ctafiltv.sys -- (Ctafiltv)
DRV:64bit: - [2005.09.23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2011.08.27 20:06:58 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110827.002\ex64.sys -- (NAVEX15)
DRV - [2011.08.27 20:06:58 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011.08.27 20:06:58 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011.08.27 20:06:58 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110827.002\eng64.sys -- (NAVENG)
DRV - [2011.08.26 15:47:30 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20110826.030\IDSviA64.sys -- (IDSVia64)
DRV - [2011.08.12 23:21:56 | 001,151,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20110812.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2010.09.17 16:40:06 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2004.06.22 15:44:50 | 000,005,632 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\Entech64.sys -- (ENTECH64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ost&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found


IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3662217667-1811486626-224088579-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
IE - HKU\S-1-5-21-3662217667-1811486626-224088579-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DB C1 D0 17 97 39 CB 01 [binary data]
IE - HKU\S-1-5-21-3662217667-1811486626-224088579-1001\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3662217667-1811486626-224088579-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3662217667-1811486626-224088579-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-3662217667-1811486626-224088579-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul|chrome://speeddial/content/speeddial.xul"

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@IObitBar.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011.08.27 22:31:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_0_8 [2011.08.28 10:23:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.08.24 10:32:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011.08.24 10:32:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ondřej\AppData\Roaming\mozilla\Extensions
[2011.08.27 19:46:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ondřej\AppData\Roaming\mozilla\Firefox\Profiles\7dwq5gwl.default\extensions
[2011.08.24 15:06:23 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Ondřej\AppData\Roaming\mozilla\Firefox\Profiles\7dwq5gwl.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011.08.24 15:06:24 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Ondřej\AppData\Roaming\mozilla\Firefox\Profiles\7dwq5gwl.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.08.24 15:06:23 | 000,000,000 | ---D | M] (ÄŚeskĂ© slovnĂ­ky pro kontrolu pravopisu) -- C:\Users\Ondřej\AppData\Roaming\mozilla\Firefox\Profiles\7dwq5gwl.default\extensions\cs@dictionaries.addons.mozilla.org
[2011.08.24 15:06:23 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Ondřej\AppData\Roaming\mozilla\Firefox\Profiles\7dwq5gwl.default\extensions\en-US@dictionaries.addons.mozilla.org
[2011.08.24 10:32:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.08.27 22:31:00 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPLGN
File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\{097D3191-E6FA-4728-9826-B533D755359D}.XPI
File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\{1018E4D6-728F-4B20-AD56-37578A4DE76B}
File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\{582195F5-92E7-40A0-A127-DB71295901D7}.XPI
File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI
File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\CS@DICTIONARIES.ADDONS.MOZILLA.ORG
File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\EN-US@DICTIONARIES.ADDONS.MOZILLA.ORG
File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\GOOGLEDICTIONARY@TOPTIP.CA.XPI
File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\SMARTERWIKI@WIKIATIC.COM.XPI
File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\STATUS4EVAR@CALIGONSTUDIOS.COM.XPI
[2011.08.12 08:10:24 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.08.12 06:14:43 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2011.08.12 06:14:43 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.08.12 06:14:43 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.08.12 06:14:43 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.08.12 06:14:43 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.08.21 17:47:52 | 000,001,643 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 5 more lines...
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (no name) - {EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3662217667-1811486626-224088579-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3662217667-1811486626-224088579-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Stahnou vse FlashGet3 - C:\Users\Ondřej\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:64bit: - Extra context menu item: Stahnout FlashGet3 - C:\Users\Ondřej\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: Stahnou vse FlashGet3 - C:\Users\Ondřej\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Stahnout FlashGet3 - C:\Users\Ondřej\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-3662217667-1811486626-224088579-1001\..Trusted Domains: kuaiche.com ([software] http in Důvěryhodné servery)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_22)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.lameacm - LameACM.acm (http://www.mp3dev.org/)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: vidc.XVID - xvidvfw.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - C:\Windows\SysWow64\i420vfw.dll (http://www.helixcommunity.org)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.x264 - C:\Program Files (x86)\x264vfw\x264vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2050.08.03 11:34:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cracklock
[2050.08.03 10:54:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\OFX
[2011.08.28 10:35:03 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Ondřej\Desktop\OTL.exe
[2011.08.27 22:26:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011.08.27 22:26:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2011.08.27 22:26:03 | 000,252,296 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2011.08.27 22:26:03 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2011.08.27 22:26:03 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2011.08.27 22:22:18 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Ondřej\AppData\Roaming\pcouffin.sys
[2011.08.27 22:22:18 | 000,000,000 | ---D | C] -- C:\Users\Ondřej\Documents\PcSetup
[2011.08.27 22:18:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileHippo.com
[2011.08.27 21:02:31 | 000,000,000 | ---D | C] -- C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2011.08.27 20:26:16 | 000,000,000 | ---D | C] -- C:\Users\Ondřej\AppData\Local\NPE
[2011.08.27 19:58:45 | 000,043,640 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SymIMV.sys
[2011.08.27 19:39:17 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011.08.27 19:39:15 | 000,174,200 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011.08.27 19:39:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011.08.27 19:39:15 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011.08.27 19:38:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2011.08.27 19:38:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2011.08.25 08:37:12 | 000,000,000 | ---D | C] -- C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Windows Performance Toolkit
[2011.08.25 08:37:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows Performance Toolkit
[2011.08.25 08:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
[2011.08.25 08:35:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x64)
[2011.08.25 08:35:30 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x64)
[2011.08.25 08:35:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Application Verifier
[2011.08.25 08:35:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Verifier
[2011.08.25 08:35:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Application Verifier (x64)
[2011.08.25 08:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier (x64)
[2011.08.25 08:33:07 | 000,000,000 | ---D | C] -- C:\Windows\symbols
[2011.08.25 08:33:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 10.0
[2011.08.25 08:25:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows SDK v7.1
[2011.08.25 08:25:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2011.08.24 10:32:44 | 000,000,000 | ---D | C] -- C:\Users\Ondřej\AppData\Roaming\Mozilla
[2011.08.24 10:32:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.08.23 21:19:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mp3tag
[2011.08.22 14:44:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Story
[2011.08.21 17:48:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2011.03.10 22:51:04 | 001,654,869 | ---- | C] (Dynu Systems Inc.) -- C:\ProgramData\DynuEncrypt.dll
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.08.28 10:39:16 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.08.28 10:35:04 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Ondřej\Desktop\OTL.exe
[2011.08.28 10:31:05 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.28 10:31:05 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.28 10:23:32 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.28 10:23:27 | 005,272,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.08.28 10:23:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.28 10:22:47 | 535,437,311 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.28 00:03:14 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.27 22:45:30 | 000,935,175 | ---- | M] () -- C:\Users\Ondřej\Desktop\RSITx64.exe
[2011.08.27 22:26:25 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011.08.27 22:25:48 | 000,627,600 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2011.08.27 22:25:48 | 000,252,296 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2011.08.27 22:25:48 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2011.08.27 22:25:48 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2011.08.27 22:22:56 | 000,040,178 | ---- | M] () -- C:\Users\Ondřej\Documents\cc_20110827_222254.reg
[2011.08.27 22:22:18 | 000,099,384 | ---- | M] () -- C:\Users\Ondřej\AppData\Roaming\inst.exe
[2011.08.27 22:22:18 | 000,082,816 | ---- | M] (VSO Software) -- C:\Users\Ondřej\AppData\Roaming\pcouffin.sys
[2011.08.27 22:22:18 | 000,007,859 | ---- | M] () -- C:\Users\Ondřej\AppData\Roaming\pcouffin.cat
[2011.08.27 22:22:18 | 000,001,167 | ---- | M] () -- C:\Users\Ondřej\AppData\Roaming\pcouffin.inf
[2011.08.27 22:18:33 | 000,001,969 | ---- | M] () -- C:\Users\Ondřej\Desktop\Update Checker.lnk
[2011.08.27 21:59:29 | 000,004,646 | ---- | M] () -- C:\Users\Ondřej\Documents\cc_20110827_215927.reg
[2011.08.27 20:14:27 | 001,814,382 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Cat.DB
[2011.08.27 20:07:08 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011.08.27 20:07:08 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011.08.27 20:07:08 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011.08.27 19:32:32 | 000,000,312 | ---- | M] () -- C:\Users\Ondřej\Documents\cc_20110827_193229.reg
[2011.08.27 19:24:11 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.08.24 16:25:38 | 000,000,100 | -HS- | M] () -- C:\Windows\4683552drv.spi
[2011.08.24 10:32:41 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.08.24 10:24:40 | 000,026,370 | ---- | M] () -- C:\Users\Ondřej\Desktop\bookmarks-2011-08-24.json
[2011.08.24 10:15:46 | 001,908,121 | ---- | M] () -- C:\Users\Ondřej\Desktop\Bez názvu.png
[2011.08.23 22:12:54 | 000,001,126 | ---- | M] () -- C:\Users\Ondřej\Desktop\Adobe Premiere Pro CS5.5.lnk
[2011.08.23 22:12:54 | 000,001,125 | ---- | M] () -- C:\Users\Ondřej\Desktop\Adobe Photoshop CS5.1 (64 Bit).lnk
[2011.08.22 22:07:25 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.08.22 18:02:24 | 000,000,021 | ---- | M] () -- C:\Windows\SurCode.INI
[2011.08.21 17:56:02 | 000,001,177 | ---- | M] () -- C:\Users\Ondřej\Desktop\Adobe Flash Professional CS5.5.lnk
[2011.08.21 17:47:52 | 000,001,643 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.08.28 10:39:16 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.08.27 22:45:33 | 000,935,175 | ---- | C] () -- C:\Users\Ondřej\Desktop\RSITx64.exe
[2011.08.27 22:26:25 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011.08.27 22:22:55 | 000,040,178 | ---- | C] () -- C:\Users\Ondřej\Documents\cc_20110827_222254.reg
[2011.08.27 22:22:18 | 000,099,384 | ---- | C] () -- C:\Users\Ondřej\AppData\Roaming\inst.exe
[2011.08.27 22:22:18 | 000,007,859 | ---- | C] () -- C:\Users\Ondřej\AppData\Roaming\pcouffin.cat
[2011.08.27 22:22:18 | 000,001,167 | ---- | C] () -- C:\Users\Ondřej\AppData\Roaming\pcouffin.inf
[2011.08.27 22:18:33 | 000,001,969 | ---- | C] () -- C:\Users\Ondřej\Desktop\Update Checker.lnk
[2011.08.27 21:59:28 | 000,004,646 | ---- | C] () -- C:\Users\Ondřej\Documents\cc_20110827_215927.reg
[2011.08.27 19:39:15 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011.08.27 19:39:15 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011.08.27 19:32:31 | 000,000,312 | ---- | C] () -- C:\Users\Ondřej\Documents\cc_20110827_193229.reg
[2011.08.27 19:24:11 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.08.24 16:25:38 | 000,000,100 | -HS- | C] () -- C:\Windows\4683552drv.spi
[2011.08.24 10:32:41 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.08.24 10:32:41 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.08.24 10:24:40 | 000,026,370 | ---- | C] () -- C:\Users\Ondřej\Desktop\bookmarks-2011-08-24.json
[2011.08.24 10:15:46 | 001,908,121 | ---- | C] () -- C:\Users\Ondřej\Desktop\Bez názvu.png
[2011.08.22 14:50:18 | 000,001,126 | ---- | C] () -- C:\Users\Ondřej\Desktop\Adobe Premiere Pro CS5.5.lnk
[2011.08.21 17:56:02 | 000,001,177 | ---- | C] () -- C:\Users\Ondřej\Desktop\Adobe Flash Professional CS5.5.lnk
[2011.08.21 17:33:44 | 000,001,125 | ---- | C] () -- C:\Users\Ondřej\Desktop\Adobe Photoshop CS5.1 (64 Bit).lnk
[2011.08.21 17:31:30 | 000,001,185 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
[2011.08.21 17:31:00 | 000,001,278 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
[2011.08.21 17:29:21 | 000,001,379 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
[2011.08.21 17:29:07 | 000,001,551 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
[2011.08.21 17:27:44 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2011.08.10 11:01:31 | 000,000,012 | ---- | C] () -- C:\Windows\CSC_ActiveCleanLog.dat
[2011.08.09 12:52:34 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.08.09 12:52:34 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.08.08 23:46:04 | 000,020,306 | ---- | C] () -- C:\Users\Ondřej\AppData\Roaming\Apple ComputerMobileSyncBackup9ce233856af2a7047135714444af7b95452e085cInfo.plist
[2011.08.04 20:43:32 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2011.05.26 19:05:34 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2011.05.24 23:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.05.24 22:50:49 | 000,000,017 | ---- | C] () -- C:\Windows\MovingPicture.ini
[2011.05.08 20:36:51 | 000,000,204 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2011.04.26 18:19:08 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2011.04.25 21:31:49 | 000,320,512 | ---- | C] () -- C:\Windows\SysWow64\w32mkde.exe
[2011.04.25 21:31:49 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\w32mkrc.dll
[2011.04.25 21:31:49 | 000,003,146 | ---- | C] () -- C:\Windows\SysWow64\vsort.com
[2011.04.23 21:38:08 | 002,059,264 | ---- | C] () -- C:\Windows\setup_rangers_2.exe
[2011.04.19 06:54:10 | 000,000,094 | ---- | C] () -- C:\Users\Ondřej\AppData\Local\fusioncache.dat
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.03.06 13:57:28 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.02.07 19:03:10 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.12.05 21:29:20 | 001,585,112 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.05 17:27:12 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2010.11.20 16:56:22 | 000,000,132 | ---- | C] () -- C:\Users\Ondřej\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2010.11.12 21:28:23 | 000,045,568 | ---- | C] () -- C:\Users\Ondřej\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.12 21:17:41 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010.10.23 22:03:26 | 000,144,245 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010.09.09 14:52:07 | 000,001,189 | ---- | C] () -- C:\Users\Ondřej\AppData\Roaming\vso_ts_preview.xml
[2010.09.06 18:26:01 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2010.08.31 11:33:39 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\libmySQL.dll
[2010.08.31 11:33:39 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\TrackerNET.dll
[2010.08.31 11:29:29 | 000,000,471 | ---- | C] () -- C:\Windows\SIERRA.INI
[2010.08.23 16:17:07 | 000,197,080 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.08.03 13:21:20 | 000,000,061 | ---- | C] () -- C:\Windows\sbwin.ini
[2010.08.03 12:09:33 | 000,000,504 | ---- | C] () -- C:\Windows\CtaMCcfg.ini
[2010.08.03 12:09:28 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010.08.03 12:09:28 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010.07.27 18:27:19 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.07.27 13:05:39 | 000,000,302 | ---- | C] () -- C:\ProgramData\Setting.dat
[2010.07.27 13:05:39 | 000,000,022 | ---- | C] () -- C:\Users\Ondřej\AppData\Roaming\UserFlag.ini
[2010.07.25 18:54:35 | 000,280,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.07.25 18:54:34 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.07.25 18:54:33 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.07.25 16:24:02 | 000,000,034 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2010.07.23 13:16:25 | 000,007,611 | ---- | C] () -- C:\Users\Ondřej\AppData\Local\Resmon.ResmonCfg
[2010.07.20 11:11:43 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2010.07.20 11:04:45 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\HsMgr.exe
[2010.07.20 11:02:15 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.07.20 10:41:50 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010.07.20 10:41:50 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010.07.20 10:41:49 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010.07.20 10:41:49 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010.07.20 10:36:11 | 000,044,252 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2010.07.20 10:35:48 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.07.20 10:35:44 | 000,030,662 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010.02.08 07:33:04 | 000,359,320 | ---- | C] () -- C:\Windows\SysWow64\vfprintpthelper.dll
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.04.02 14:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2009.03.30 08:32:40 | 000,032,768 | R--- | C] () -- C:\Windows\DAODx.exe
[2008.09.18 09:45:54 | 000,001,515 | ---- | C] () -- C:\Windows\Ctacfg.ini
[2003.12.22 14:40:06 | 001,663,068 | ---- | C] () -- C:\Windows\SysWow64\libmmd.dll
[2000.07.15 00:00:00 | 000,030,720 | ---- | C] () -- C:\Windows\regtlib.exe

========== LOP Check ==========

[2011.08.17 19:30:25 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\.minecraft
[2011.03.26 20:00:25 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\a-minecraft backup
[2011.01.18 22:06:28 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Acoustica
[2010.10.26 18:58:48 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\AnvSoft
[2011.08.03 21:19:38 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Audacity
[2011.08.05 17:03:03 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Aunsoft
[2010.11.04 20:20:23 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Autodesk
[2010.07.27 12:57:56 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\AutoHideIP
[2010.10.18 18:02:25 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\avidemux
[2011.05.25 15:14:04 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Avnex
[2011.05.08 20:49:36 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\BITS
[2010.11.13 13:53:54 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.02.04 14:27:50 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\CheckPoint
[2011.05.24 17:34:04 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011.08.25 08:56:22 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\DAEMON Tools Lite
[2011.08.14 10:32:25 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Easy Macro Recorder
[2011.02.04 13:03:02 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\ESET
[2011.08.19 12:59:17 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\FileHunter
[2011.08.10 10:02:21 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\FileZilla
[2011.04.26 18:18:51 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\FlashGet
[2011.04.26 18:18:48 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\FlashGetBHO
[2011.07.25 21:28:24 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\FreeCommander
[2011.07.01 18:39:37 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\GetRightToGo
[2011.07.17 11:28:38 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\go
[2011.05.10 18:25:45 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\HandBrake
[2010.07.27 12:57:21 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Hide IP NG
[2011.02.15 15:16:33 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\ICQ
[2011.08.19 12:12:04 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Imagenomic
[2011.04.26 18:21:53 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\IObit
[2011.03.21 17:50:04 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\LangSoft
[2010.07.25 15:03:31 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Leadertech
[2011.08.14 10:35:15 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Macro Recorder
[2010.07.25 11:12:27 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\MAXON
[2011.05.11 17:46:33 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Mirillis
[2011.04.27 22:39:12 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Mumble
[2011.08.27 22:27:34 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Notepad++
[2011.05.26 19:05:34 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\PACE Anti-Piracy
[2011.03.20 17:35:29 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\PCToolsFirewallPlus
[2011.08.09 16:42:19 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Publish Providers
[2011.06.01 17:36:39 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\PunkBuster
[2011.08.03 14:33:12 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Screaming Bee
[2010.07.25 21:45:22 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Sinvise Systems
[2011.05.11 18:05:37 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Songbird2
[2011.08.02 21:58:55 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Sony
[2011.05.26 19:06:40 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.10.04 21:07:04 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Subversion
[2011.01.18 22:08:19 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\SynthMaker
[2011.08.02 12:52:40 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Sytexis Software
[2011.08.06 20:35:13 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\TeamViewer
[2011.02.07 19:03:07 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Thunderbird
[2011.08.18 19:51:16 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Tropico 3
[2011.07.25 21:28:24 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\TS3Client
[2011.07.30 17:22:31 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\ts3overlay
[2010.12.05 17:27:12 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Tunngle
[2011.05.22 22:17:10 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Ubisoft
[2011.08.27 21:51:36 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\uTorrent
[2011.04.25 21:40:20 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\VeskrnaMartin
[2011.08.27 22:22:18 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Vso
[2011.03.22 22:54:38 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\X-Chat 2
[2010.08.03 18:33:39 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\XRay Engine
[2011.06.30 09:32:56 | 000,032,588 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< >

< >


< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SysNative\cryptsvc.dll
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SysWOW64\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.12.15 19:53:58 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Program Files\Debugging Tools for Windows (x64)\sym\hal.dll\4CE7C66949000\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe

< MD5 for: NDIS.SYS >
[2010.12.15 18:53:06 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Program Files\Debugging Tools for Windows (x64)\sym\ndis.sys\4CE79392f3000\ndis.sys
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 08:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.04.09 13:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2010.04.09 09:56:29 | 001,892,232 | ---- | M] (Microsoft Corporation) MD5=A9C0F786AC1F736891D05CE0A1D29DEB -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 16:28:06 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Program Files\Debugging Tools for Windows (x64)\sym\tcpip.sys\4E001123204000\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[63 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[18 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.08.17 19:30:25 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\.minecraft
[2011.03.26 20:00:25 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\a-minecraft backup
[2011.01.18 22:06:28 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Acoustica
[2011.08.21 18:03:48 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Adobe
[2010.10.26 18:58:48 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\AnvSoft
[2010.07.25 14:25:50 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Apple Computer
[2011.08.08 23:45:57 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Apple ComputerMobileSyncBackup
[2011.08.08 23:45:57 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Apple ComputerMobileSyncBackup9ce233856af2a7047135714444af7b95452e085c
[2010.07.22 17:31:57 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\ATI
[2011.08.03 21:19:38 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Audacity
[2011.08.05 17:03:03 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Aunsoft
[2010.11.04 20:20:23 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Autodesk
[2010.07.27 12:57:56 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\AutoHideIP
[2010.10.18 18:02:25 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\avidemux
[2011.05.25 15:14:04 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Avnex
[2011.05.26 22:45:39 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\AVS4YOU
[2011.05.08 20:49:36 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\BITS
[2010.11.13 13:53:54 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.02.04 14:27:50 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\CheckPoint
[2011.05.24 17:34:04 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2010.08.03 13:18:59 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Creative
[2011.01.16 19:22:27 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\CyberLink
[2011.08.25 08:56:22 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\DAEMON Tools Lite
[2011.08.09 12:53:38 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\DivX
[2011.08.14 10:32:25 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Easy Macro Recorder
[2011.02.04 13:03:02 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\ESET
[2011.08.19 12:59:17 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\FileHunter
[2011.08.10 10:02:21 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\FileZilla
[2011.04.26 18:18:51 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\FlashGet
[2011.04.26 18:18:48 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\FlashGetBHO
[2011.07.25 21:28:24 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\FreeCommander
[2011.07.01 18:39:37 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\GetRightToGo
[2011.07.17 11:28:38 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\go
[2011.01.31 12:11:21 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Hamachi
[2011.05.10 18:25:45 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\HandBrake
[2010.07.27 12:57:21 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Hide IP NG
[2011.02.15 15:16:33 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\ICQ
[2010.07.22 17:31:40 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Identities
[2011.08.19 12:12:04 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Imagenomic
[2011.04.26 18:21:53 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\IObit
[2011.03.21 17:50:04 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\LangSoft
[2010.07.25 15:03:31 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Leadertech
[2010.07.25 15:02:30 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Logishrd
[2010.07.25 15:03:36 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Logitech
[2011.08.14 10:35:15 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Macro Recorder
[2010.07.22 17:32:16 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Macromedia
[2010.07.25 11:12:27 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\MAXON
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Media Center Programs
[2011.06.30 13:26:33 | 000,000,000 | --SD | M] -- C:\Users\Ondřej\AppData\Roaming\Microsoft
[2011.05.11 17:46:33 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Mirillis
[2011.08.24 10:32:49 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Mozilla
[2011.04.27 22:39:12 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Mumble
[2011.08.27 22:27:34 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Notepad++
[2011.05.26 19:05:34 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\PACE Anti-Piracy
[2011.03.20 17:35:29 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\PCToolsFirewallPlus
[2011.08.09 16:42:19 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Publish Providers
[2011.06.01 17:36:39 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\PunkBuster
[2011.08.03 14:33:12 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Screaming Bee
[2010.08.01 16:57:23 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\SecuROM
[2010.07.25 21:45:22 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Sinvise Systems
[2011.08.28 10:30:19 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Skype
[2011.06.11 11:54:26 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\skypePM
[2011.05.11 18:05:37 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Songbird2
[2011.08.02 21:58:55 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Sony
[2011.05.26 19:06:40 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.10.04 21:07:04 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Subversion
[2011.01.18 22:08:19 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\SynthMaker
[2011.08.02 12:52:40 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Sytexis Software
[2011.08.06 20:35:13 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\TeamViewer
[2011.02.07 19:03:07 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Thunderbird
[2011.08.18 19:51:16 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Tropico 3
[2011.07.25 21:28:24 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\TS3Client
[2011.07.30 17:22:31 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\ts3overlay
[2010.12.05 17:27:12 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Tunngle
[2011.05.22 22:17:10 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Ubisoft
[2011.08.27 21:51:36 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\uTorrent
[2011.04.25 21:40:20 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\VeskrnaMartin
[2011.08.22 19:31:18 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\vlc
[2011.08.27 22:22:18 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Vso
[2011.08.25 08:56:22 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\Winamp
[2011.02.05 23:57:18 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\WinRAR
[2011.03.22 22:54:38 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\X-Chat 2
[2010.08.03 18:33:39 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\XRay Engine

< %APPDATA%\*.exe /s >
[2011.08.27 22:22:18 | 000,099,384 | ---- | M] () -- C:\Users\Ondřej\AppData\Roaming\inst.exe
[2011.07.17 22:32:58 | 000,810,096 | ---- | M] () -- C:\Users\Ondřej\AppData\Roaming\FileHunter\update.exe
[2011.08.18 21:00:15 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Ondřej\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.08.22 14:44:23 | 000,010,134 | R--- | M] () -- C:\Users\Ondřej\AppData\Roaming\Microsoft\Installer\{024521CF-C07E-4F8E-8481-0D75695E03AF}\ARPPRODUCTICON.exe
[2011.08.15 12:17:46 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Ondřej\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2011.08.11 12:23:11 | 000,088,102 | R--- | M] () -- C:\Users\Ondřej\AppData\Roaming\Microsoft\Installer\{626E44DE-8E53-7570-CFDB-06EBF8595CA8}\ARPPRODUCTICON.exe
[2010.08.31 13:44:48 | 000,069,632 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Ondřej\AppData\Roaming\Microsoft\Installer\{675C161A-889A-4D35-8361-EA74BADCE0E6}\Launcher.exe_D45EC2594A194656B588C2C360DD18EA_2.exe
[2010.08.31 13:44:48 | 000,069,632 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Ondřej\AppData\Roaming\Microsoft\Installer\{675C161A-889A-4D35-8361-EA74BADCE0E6}\srcds.exe_D45EC2594A194656B588C2C360DD18EA.exe
[2010.12.24 21:03:04 | 000,010,134 | R--- | M] () -- C:\Users\Ondřej\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.08.24 15:08:37 | 000,188,152 | ---- | M] () -- C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\7dwq5gwl.default\FlashGot.exe
[2011.02.24 17:07:45 | 000,835,440 | R--- | M] () -- C:\Users\Ondřej\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.11.20 14:21:37 | 011,410,432 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\wmp.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.11.20 14:21:37 | 011,410,432 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\wmp.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.08.28 10:39:16 | 000,000,512 | ---- | M] () MD5=3527A4260F9549CD3E7968E8AFED2780 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 1225 bytes -> C:\ProgramData\Microsoft:cFZXMonEIfAhj6T8LQ8Mj5WH5xrZ7
@Alternate Data Stream - 1225 bytes -> C:\ProgramData\Microsoft:BXL6apKr7642Q2Zx8o5vCkRql
@Alternate Data Stream - 1153 bytes -> C:\ProgramData\Microsoft:hQmvelbFbTHCQWtWfKX8e5JS
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:C31F31E6
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >

OTL Extras logfile created on: 28.8.2011 10:37:43 - Run 1
OTL by OldTimer - Version 3.2.26.6 Folder = C:\Users\Ondřej\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

6,00 Gb Total Physical Memory | 4,43 Gb Available Physical Memory | 73,90% Memory free
11,99 Gb Paging File | 10,27 Gb Available in Paging File | 85,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 435,89 Gb Free Space | 46,80% Space Free | Partition Type: NTFS

Computer Name: ONDŘEJ-PC | User Name: Foxtrot | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3662217667-1811486626-224088579-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [RapidShareManagerMail] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -mailto "%1" (RapidShare AG)
Directory [RapidShareManagerUpload] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -sendto "%1" (RapidShare AG)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [RapidShareManagerMail] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -mailto "%1" (RapidShare AG)
Directory [RapidShareManagerUpload] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -sendto "%1" (RapidShare AG)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{183C740A-0406-380F-A235-2EC2F8A28D13}" = Microsoft Windows SDK MSHelp (30514)
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x64
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit)
"{2D290715-B0FC-3898-9247-62F803A585DF}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Common Tools (30514)
"{3156336D-8E44-3671-A6FE-AE51D3D6564E}" = Microsoft Windows SDK for Windows 7 (7.1)
"{348207D1-7754-11E0-9BC0-0013D3D69929}" = MSVCRT Redists
"{36A5281A-B56F-44AA-23F3-0DD2A37B2825}" = AMD Media Foundation Decoders
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{48A7B11D-C3E1-3BEE-AF6C-8976F6E705A6}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Application Verifier (30514)
"{4B55F339-396E-29A9-B6D0-24B6D251C90A}" = AMD Drag and Drop Transcoding
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{51317AF5-D39F-49EC-A4B5-87451466B837}" = AMD Fuel
"{541D3A3F-1FFC-9EB6-6C77-75809AAB87AE}" = ATI Catalyst Install Manager
"{54E192A6-AA33-1963-C96A-26AA7A3B41B4}" = ccc-utility64
"{5783F2D7-8001-0405-0102-0060B0CE6BBA}" = AutoCAD 2010 - česky
"{5783F2D7-8001-0405-1102-0060B0CE6BBA}" = Jazykový balíček aplikace AutoCAD 2010 - čeština
"{5857E7BE-2F6F-D41A-42B2-B668B19A5F30}" = AMD Media Foundation Decoders
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{68570626-1BF6-310B-AF69-6CD686C04AEA}" = Microsoft Windows SDK Net Fx Interop Headers And Libraries (30514)
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software 7.00
"{6C8D7973-31F9-32E1-A820-8DD857910323}" = Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514)
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7F801000-A1D5-11E0-9092-0013D3D69929}" = MSVCRT Redists
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{84452C2C-BDCC-36F3-A189-CE15F02A47FB}" = Microsoft Windows SDK for Windows 7 Headers and Libraries (30514)
"{84E30D73-E30F-3A02-BAA0-5353C04DD18A}" = Microsoft Windows SDK Intellisense and Reference Assemblies (30514)
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{88387B3B-B110-392F-B919-1A15B48F21D4}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x64
"{89026002-A893-42D9-9E20-6829B844735E}" = Application Verifier (x64)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951E6223-AC28-345E-BCF4-B55C1267E321}" = Microsoft Windows SDK for Windows 7 Samples (30514)
"{A0B0F02C-410B-3DE3-9740-EC4C3D902532}" = Microsoft Windows SDK for Windows 7 Common Utilities (30514)
"{A2C55034-8DAF-3755-BA85-CC321707FE99}" = Microsoft Windows SDK for Visual Studio .NET 4.0 Framework Tools
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AFCA7057-581F-9CE2-A1BD-65371995C64F}" = AMD Fuel
"{B613A9BB-2B34-4824-A4BE-2427653D59D6}" = iTunes
"{B7D0C3BC-CB39-3CA1-9295-A23A93994893}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Windows Debugging Tools (30514)
"{BCC08D47-60ED-FA7F-241B-34BC9947D9FF}" = ccc-utility64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
"{D7B3B493-7B68-28CE-5931-89A5125C45D3}" = ATI AVIVO64 Codecs
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}" = Debugging Tools for Windows (x64)
"{E7F9E526-2324-437B-A609-E8C5309465CB}" = Microsoft Windows Performance Toolkit
"{E8C64028-08E5-4BF0-B1C0-DBAAC6A77DF1}" = PowerDirector
"{F1C4B89A-8BF0-3D7C-8095-BAE412FBEA3F}" = Microsoft Windows SDK .NET Framework Tools (30514)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"AutoCAD 2010 - česky" = AutoCAD 2010 - česky
"AutoCAD 2010 - česky Version 3" = AutoCAD 2010 - česky Version 3
"Canon LBP5000" = Canon LBP5000
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"SDKSetup_7.1.7600.0.30514" = Microsoft Windows SDK for Windows 7 (7.1)
"SP6" = Logitech SetPoint 6.30
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0497EAED-70DA-4BBE-BEB3-AF77FD8788EA}" = Adobe Premiere Pro CS5.5
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{19D26A2C-D822-484F-908F-34EA2FB8852E}" = Shutdown Timer
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{23E445D5-FD83-4C50-A211-EB26A2975317}" = Adobe Flash Professional CS5.5
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}" = Microsoft Visual Basic PowerPacks 10.0
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{30D659E4-4405-6925-CDCF-EB8CD0C80DAC}" = Catalyst Control Center Graphics Previews Common
"{31CA2FC8-BBCC-A59C-3211-345EF6EDCCE1}" = HydraVision
"{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{370187B9-6964-38D0-851F-6C4898B0C2B1}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x86
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{47E16407-05D3-4D2A-B2B9-C30700B7C2AD}" = LogMeIn Hamachi
"{491D92A9-69CA-4EB4-81D3-0106F9337957}" = TurboV EVO
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8303}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8304}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8305}" = Grand Theft Auto IV
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5BDA2F58-1F21-4D10-9910-92B01EBCC958}" = AMD USB Filter Driver
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{60DE7978-4F13-5584-5E53-DCEE1CB115A5}" = AMD VISION Engine Control Center
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{626E44DE-8E53-7570-CFDB-06EBF8595CA8}" = Application Profiles
"{62C68336-B969-4097-B0BD-A3A0FBFD59C1}" = Mumble 1.2.3
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{652F3200-5E12-4CAD-BA2E-88EFE0113BCD}" = AMD OverDrive
"{675C161A-889A-4D35-8361-EA74BADCE0E6}" = Half-Life(R) 2
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{7032B400-11EC-11E0-A9BF-0013D3D69929}" = MSVCRT Redists
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79872596-B887-E700-8D56-CADBC78BA5DE}" = Adobe Download Assistant
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85268C72-C609-E50A-7AB3-9B3582DFEE66}" = CCC Help English
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{936783CC-73D3-F125-71A4-BC0697B48167}" = CCC Help English
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98890E89-0353-D7BB-594D-26A17055A42B}" = Catalyst Control Center Graphics Previews Common
"{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}" = Microsoft Keyboard Layout Creator 1.4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}" = EPU
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A3B42EE5-AEDA-47C9-9A3D-066445362E1D}" = S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0006]
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{AFF8C8F4-E4BB-891F-8636-5E71F946C5B6}" = Catalyst Control Center InstallProxy
"{B3DFF4C8-50BA-463D-8334-4BAFE7172EA6}" = SB Arena Headset
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story
"{C5F4A58B-0729-4F9C-9AA5-54008EEE8CFB}" = RapidBIT Suite
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{C9EAEE6B-741F-421D-B9CE-9FA300DA92AD}_is1" = Super Mario Bros. X version 1.3
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCF9FABA-FF1F-AA77-60F5-8A6FD53E78E3}" = AMD VISION Engine Control Center
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4197D6B-F046-33E7-ABDE-51FF373FDC76}" = Windows SDK IntellisenseNFX
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1489-3350-5074-6281" = JDownloader 0.9
"7-Zip" = 7-Zip 4.65
"Acoustica Effects Pack" = Acoustica Effects Pack
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Akamai" = Akamai NetSession Interface
"ALchemy" = Creative ALchemy
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"AudioCS" = Creative Audio Control Panel
"Autodesk Design Review 2011" = Autodesk Design Review 2011
"Avidemux 2.5" = Avidemux 2.5
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"BattlEye" = BattlEye Uninstall
"CDex" = CDex - Open Source Digital Audio CD Extractor
"com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX Setup
"EADM" = EA Download Manager
"EasyBCD" = EasyBCD 2.0
"FileHippo.com" = FileHippo.com Update Checker
"FileZilla Client" = FileZilla Client 3.4.0
"Fraps" = Fraps (remove only)
"FreeCommander_is1" = FreeCommander 2009.02a
"Half-Life" = Half-Life
"Half-Life 2 Episode One" = Half-Life 2 Episode One
"HandBrake" = HandBrake 0.9.5
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"InstallShield_{A3B42EE5-AEDA-47C9-9A3D-066445362E1D}" = S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0006]
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Lexicon5" = Lingea Lexicon 5
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MinecraftAlpha" = MinecraftAlpha
"Mozilla Firefox 6.0 (x86 cs)" = Mozilla Firefox 6.0 (x86 cs)
"N360" = Norton 360
"Notepad++" = Notepad++
"OCCT_is1" = OCCT Perestroika 3.1.0
"OpenAL" = OpenAL
"PC Translator" = PC Translator
"PFPortChecker" = PFPortChecker 1.0.39
"PunkBusterSvc" = PunkBuster Services
"RADVideo" = RAD Video Tools
"RapidShare Manager" = RapidShare Manager
"Revo Uninstaller" = Revo Uninstaller 1.92
"Rodokmen Pro_is1" = Rodokmen Pro 2.1.1
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"Sierra Utilities" = Sierra Utilities
"Simple Port Forwarding" = Simple Port Forwarding
"Smart Defrag 2_is1" = Smart Defrag 2
"Space Rangers 2" = 1C Company\Space Rangers 2 - Reboot Add-on
"StarCraft II" = StarCraft II
"Steam App 10" = Counter-Strike
"Steam App 220" = Half-Life 2
"Steam App 22490" = Fallout: New Vegas
"Steam App 240" = Counter-Strike: Source
"Steam App 4000" = Garry's Mod
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"Steam App 560" = Left 4 Dead 2 Dedicated Server
"Steam App 564" = Left 4 Dead 2 Add-on Support
"Steam App 620" = Portal 2
"SUPER ©" = SUPER © Version 2010.bld.42 (Nov 7, 2010)
"SysInfo" = Creative System Information
"TeamViewer 6" = TeamViewer 6
"uTorrent" = µTorrent
"VideoCutter_is1" = Kate's Video Cutter
"VLC media player" = VLC media player 1.1.11
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"x264vfw" = x264vfw - H.264/MPEG-4 AVC codec (remove only)
"Xvid Video Codec 1.3.2" = Xvid Video Codec

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3662217667-1811486626-224088579-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"cae94a2eefe1185d" = Macro Recorder
"Game Organizer" = EasyBits GO
"Warcraft III" = Warcraft III: All Products
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 23.8.2050 14:41:58 | Computer Name = Ondřej-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 23.8.2050 14:41:58 | Computer Name = Ondřej-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 23.8.2050 14:41:58 | Computer Name = Ondřej-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 23.8.2011 15:04:26 | Computer Name = Ondřej-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Winamp\Plugins\gen_G15Display.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 23.8.2011 15:12:01 | Computer Name = Ondřej-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Winamp\Plugins\gen_G15Display.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 23.8.2011 15:21:24 | Computer Name = Ondřej-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Winamp\Plugins\gen_G15Display.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 23.8.2011 15:23:18 | Computer Name = Ondřej-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Winamp\Plugins\gen_G15Display.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 23.8.2011 15:48:16 | Computer Name = Ondřej-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Winamp\Plugins\gen_G15Display.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 24.8.2011 15:53:51 | Computer Name = Ondřej-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Winamp\Plugins\gen_G15Display.dll
se nezdařilo. Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 24.8.2011 20:16:06 | Computer Name = Ondřej-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files (x86)\freecommander\DelZip179.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files (x86)\freecommander\DelZip179.dll
na řádku 8. Hodnota * atributu language v prvku assemblyIdentity je neplatná.

[ System Events ]
Error - 27.8.2011 14:10:27 | Computer Name = Ondřej-PC | Source = DCOM | ID = 10010
Description =

Error - 27.8.2011 14:15:38 | Computer Name = Ondřej-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Publikování
prostředků rozpoznávání funkcí, která neuspěla při spuštění v důsledku následující
chyby: %%1058

Error - 27.8.2011 14:27:27 | Computer Name = Ondřej-PC | Source = DCOM | ID = 10010
Description =

Error - 27.8.2011 14:31:10 | Computer Name = Ondřej-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Publikování
prostředků rozpoznávání funkcí, která neuspěla při spuštění v důsledku následující
chyby: %%1058

Error - 27.8.2011 14:35:50 | Computer Name = Ondřej-PC | Source = DCOM | ID = 10010
Description =

Error - 27.8.2011 14:38:46 | Computer Name = Ondřej-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Publikování
prostředků rozpoznávání funkcí, která neuspěla při spuštění v důsledku následující
chyby: %%1058

Error - 27.8.2011 16:28:49 | Computer Name = Ondřej-PC | Source = DCOM | ID = 10010
Description =

Error - 27.8.2011 16:31:42 | Computer Name = Ondřej-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Publikování
prostředků rozpoznávání funkcí, která neuspěla při spuštění v důsledku následující
chyby: %%1058

Error - 27.8.2011 18:32:51 | Computer Name = Ondřej-PC | Source = DCOM | ID = 10010
Description =

Error - 28.8.2011 4:24:19 | Computer Name = Ondřej-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Publikování
prostředků rozpoznávání funkcí, která neuspěla při spuštění v důsledku následující
chyby: %%1058


< End of report >

Omlouvam se za zdrzeni, pracovni povinnosti, uz to lustim

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  SRV - [2011.08.03 12:37:46 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_2da1ebd.dll -- (Akamai)
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ost&s={searchTerms}&f=4
  IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
  IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
  IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
  IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
  IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
  IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
  IE - HKU\S-1-5-21-3662217667-1811486626-224088579-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DB C1 D0 17 97 39 CB 01 [binary data]
  IE - HKU\S-1-5-21-3662217667-1811486626-224088579-1001\..\URLSearchHook: - Reg Error: Key error. File not found
  FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
  FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: File not found
  FF - HKLM\Software\MozillaPlugins\@IObitBar.com/Plugin: File not found
  FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\{097D3191-E6FA-4728-9826-B533D755359D}.XPI
  File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\{1018E4D6-728F-4B20-AD56-37578A4DE76B}
  File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
  File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\{582195F5-92E7-40A0-A127-DB71295901D7}.XPI
  File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI
  File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
  File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
  File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\CS@DICTIONARIES.ADDONS.MOZILLA.ORG
  File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\EN-US@DICTIONARIES.ADDONS.MOZILLA.ORG
  File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\GOOGLEDICTIONARY@TOPTIP.CA.XPI
  File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
  File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\SMARTERWIKI@WIKIATIC.COM.XPI
  File not found (No name found) -- C:\USERS\ONDřEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7DWQ5GWL.DEFAULT\EXTENSIONS\STATUS4EVAR@CALIGONSTUDIOS.COM.XPI
  O2 - BHO: (no name) - {EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} - No CLSID value found.
  O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
  O15 - HKU\S-1-5-21-3662217667-1811486626-224088579-1001\..Trusted Domains: kuaiche.com ([software] http in Důvěryhodné servery)
  O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
  O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
  O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
  O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
  [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  [2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
  [63 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
  [18 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
  [2011.04.26 18:21:53 | 000,000,000 | ---D | M] -- C:\Users\Ondřej\AppData\Roaming\IObit
  @Alternate Data Stream - 1225 bytes -> C:\ProgramData\Microsoft:cFZXMonEIfAhj6T8LQ8Mj5WH5xrZ7
  @Alternate Data Stream - 1225 bytes -> C:\ProgramData\Microsoft:BXL6apKr7642Q2Zx8o5vCkRql
  @Alternate Data Stream - 1153 bytes -> C:\ProgramData\Microsoft:hQmvelbFbTHCQWtWfKX8e5JS
  @Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:C31F31E6
  @Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1
  
  :services
  gupdate
  gupdatem
  
  
  :reg
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "Skype"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 4]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CtaMon]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObitBar Browser Plugin Loader]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\manager]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OutpostFeedBack]
  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OutpostMonitor]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rundll32]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Six Engine]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartRAM]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
  [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
  "WinampAgent"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
  "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
  "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  "AppInit_DLLs"=""
  
  :files
  C:\Program Files (x86)\facemoods.com
  c:\Program Files (x86)\Common Files\Akamai
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

All processes killed
========== OTL ==========
Service Akamai stopped successfully!
Service Akamai deleted successfully!
c:\Program Files (x86)\Common Files\Akamai\netsession_win_2da1ebd.dll moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKU\S-1-5-21-3662217667-1811486626-224088579-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3662217667-1811486626-224088579-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@checkpoint.com/FFApi\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@IObitBar.com/Plugin\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3662217667-1811486626-224088579-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\kuaiche.com\software\ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}\ not found.
File {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP folder deleted successfully.
C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP folder deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7177.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSI184E.tmp deleted successfully.
C:\Windows\Installer\MSI18E8.tmp deleted successfully.
C:\Windows\Installer\MSI2181.tmp deleted successfully.
C:\Windows\Installer\MSI2BFC.tmp deleted successfully.
C:\Windows\Installer\MSI3363.tmp deleted successfully.
C:\Windows\Installer\MSI4BA6.tmp deleted successfully.
C:\Windows\Installer\MSI5861.tmp deleted successfully.
C:\Windows\Installer\MSI5F19.tmp deleted successfully.
C:\Windows\Installer\MSI5F83.tmp deleted successfully.
C:\Windows\Installer\MSI64C1.tmp deleted successfully.
C:\Windows\Installer\MSI6E0B.tmp deleted successfully.
C:\Windows\Installer\MSI6E5D.tmp deleted successfully.
C:\Windows\Installer\MSI7052.tmp deleted successfully.
C:\Windows\Installer\MSI7217.tmp deleted successfully.
C:\Windows\Installer\MSI7E79.tmp deleted successfully.
C:\Windows\Installer\MSI7FA3.tmp deleted successfully.
C:\Windows\Installer\MSI8221.tmp deleted successfully.
C:\Windows\Installer\MSI882C.tmp deleted successfully.
C:\Windows\Installer\MSI8BE1.tmp deleted successfully.
C:\Windows\Installer\MSI8F0F.tmp deleted successfully.
C:\Windows\Installer\MSIAFF5.tmp deleted successfully.
C:\Windows\Installer\MSIB4E6.tmp deleted successfully.
C:\Windows\Installer\MSIB757.tmp deleted successfully.
C:\Windows\Installer\MSIBCF6.tmp deleted successfully.
C:\Windows\Installer\MSIBF67.tmp deleted successfully.
C:\Windows\Installer\MSIC14C.tmp deleted successfully.
C:\Windows\Installer\MSIC311.tmp deleted successfully.
C:\Windows\Installer\MSIC42B.tmp deleted successfully.
C:\Windows\Installer\MSIC516.tmp deleted successfully.
C:\Windows\Installer\MSIC5B0.tmp deleted successfully.
C:\Windows\Installer\MSIC620.tmp deleted successfully.
C:\Windows\Installer\MSIC749.tmp deleted successfully.
C:\Windows\Installer\MSICA56.tmp deleted successfully.
C:\Windows\Installer\MSICBED.tmp deleted successfully.
C:\Windows\Installer\MSICCA4.tmp deleted successfully.
C:\Windows\Installer\MSICD74.tmp deleted successfully.
C:\Windows\Installer\MSICE5F.tmp deleted successfully.
C:\Windows\Installer\MSICF98.tmp deleted successfully.
C:\Windows\Installer\MSID0A2.tmp deleted successfully.
C:\Windows\Installer\MSID1DB.tmp deleted successfully.
C:\Windows\Installer\MSID372.tmp deleted successfully.
C:\Windows\Installer\MSID48C.tmp deleted successfully.
C:\Windows\Installer\MSID577.tmp deleted successfully.
C:\Windows\Installer\MSID7A9.tmp deleted successfully.
C:\Windows\Installer\MSID885.tmp deleted successfully.
C:\Windows\Installer\MSID977.tmp deleted successfully.
C:\Windows\Installer\MSID9CD.tmp deleted successfully.
C:\Windows\Installer\MSID9FD.tmp deleted successfully.
C:\Windows\Installer\MSIDAB8.tmp deleted successfully.
C:\Windows\Installer\MSIDBB3.tmp deleted successfully.
C:\Windows\Installer\MSIDCBD.tmp deleted successfully.
C:\Windows\Installer\MSIE6B2.tmp deleted successfully.
C:\Windows\Installer\MSIE955.tmp deleted successfully.
C:\Windows\Installer\MSIEDB4.tmp deleted successfully.
C:\Windows\Installer\MSIEEBE.tmp deleted successfully.
C:\Windows\Installer\MSIEFF7.tmp deleted successfully.
C:\Windows\Installer\MSIF013.tmp deleted successfully.
C:\Windows\Installer\MSIF0DF.tmp deleted successfully.
C:\Windows\Installer\MSIF12A.tmp deleted successfully.
C:\Windows\Installer\MSIF1CA.tmp deleted successfully.
C:\Windows\Installer\MSIF2FF.tmp deleted successfully.
C:\Windows\Installer\MSIF4D4.tmp deleted successfully.
C:\Windows\Installer\MSIF66A.tmp deleted successfully.
C:\Windows\Temp\tmp34C5.tmp deleted successfully.
C:\Windows\Temp\tmp34C6.tmp deleted successfully.
C:\Windows\Temp\tmp428B.tmp deleted successfully.
C:\Windows\Temp\tmp428C.tmp deleted successfully.
C:\Windows\Temp\tmp4910.tmp deleted successfully.
C:\Windows\Temp\tmp4911.tmp deleted successfully.
C:\Windows\Temp\tmp7041.tmp deleted successfully.
C:\Windows\Temp\tmp7042.tmp deleted successfully.
C:\Windows\Temp\tmp7AAD.tmp deleted successfully.
C:\Windows\Temp\tmp7AAE.tmp deleted successfully.
C:\Windows\Temp\tmp91F4.tmp deleted successfully.
C:\Windows\Temp\tmp91F5.tmp deleted successfully.
C:\Windows\Temp\tmp952.tmp deleted successfully.
C:\Windows\Temp\tmp992.tmp deleted successfully.
C:\Windows\Temp\tmpDCD6.tmp deleted successfully.
C:\Windows\Temp\tmpDCD7.tmp deleted successfully.
C:\Windows\Temp\UDD4685.tmp deleted successfully.
C:\Windows\Temp\UDD679A.tmp deleted successfully.
C:\Users\Ondřej\AppData\Roaming\IObit\SmartRAM folder moved successfully.
C:\Users\Ondřej\AppData\Roaming\IObit\Smart Defrag 2 folder moved successfully.
C:\Users\Ondřej\AppData\Roaming\IObit\InternetBooster folder moved successfully.
C:\Users\Ondřej\AppData\Roaming\IObit\Advanced Uninsataller folder moved successfully.
C:\Users\Ondřej\AppData\Roaming\IObit\Advanced SystemCare V4\Toolbox folder moved successfully.
C:\Users\Ondřej\AppData\Roaming\IObit\Advanced SystemCare V4\Smart RAM folder moved successfully.
C:\Users\Ondřej\AppData\Roaming\IObit\Advanced SystemCare V4\Registrycleaner\backup folder moved successfully.
C:\Users\Ondřej\AppData\Roaming\IObit\Advanced SystemCare V4\Registrycleaner folder moved successfully.
C:\Users\Ondřej\AppData\Roaming\IObit\Advanced SystemCare V4\PMonitor folder moved successfully.
C:\Users\Ondřej\AppData\Roaming\IObit\Advanced SystemCare V4\Log folder moved successfully.
C:\Users\Ondřej\AppData\Roaming\IObit\Advanced SystemCare V4\Internet Booster folder moved successfully.
C:\Users\Ondřej\AppData\Roaming\IObit\Advanced SystemCare V4\Backup folder moved successfully.
C:\Users\Ondřej\AppData\Roaming\IObit\Advanced SystemCare V4 folder moved successfully.
C:\Users\Ondřej\AppData\Roaming\IObit\Advanced SystemCare\Backup\Registry folder moved successfully.
C:\Users\Ondřej\AppData\Roaming\IObit\Advanced SystemCare\Backup folder moved successfully.
C:\Users\Ondřej\AppData\Roaming\IObit\Advanced SystemCare folder moved successfully.
C:\Users\Ondřej\AppData\Roaming\IObit folder moved successfully.
ADS C:\ProgramData\Microsoft:cFZXMonEIfAhj6T8LQ8Mj5WH5xrZ7 deleted successfully.
ADS C:\ProgramData\Microsoft:BXL6apKr7642Q2Zx8o5vCkRql deleted successfully.
ADS C:\ProgramData\Microsoft:hQmvelbFbTHCQWtWfKX8e5JS deleted successfully.
ADS C:\ProgramData\Temp:C31F31E6 deleted successfully.
ADS C:\ProgramData\Temp:D1B5B4F1 deleted successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 4\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CtaMon\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObitBar Browser Plugin Loader\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\manager\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OutpostFeedBack\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rundll32\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Six Engine\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartRAM\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!
========== FILES ==========
File\Folder C:\Program Files (x86)\facemoods.com not found.
c:\Program Files (x86)\Common Files\Akamai\Logs\dump folder moved successfully.
c:\Program Files (x86)\Common Files\Akamai\Logs folder moved successfully.
c:\Program Files (x86)\Common Files\Akamai\Languages folder moved successfully.
c:\Program Files (x86)\Common Files\Akamai\Cache\Adobe Trials2 Stage folder moved successfully.
c:\Program Files (x86)\Common Files\Akamai\Cache\37309 folder moved successfully.
c:\Program Files (x86)\Common Files\Akamai\Cache folder moved successfully.
c:\Program Files (x86)\Common Files\Akamai folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: AppData

User: Default User

User: Desktop

User: Ond

User: Ondřej
->Temp folder emptied: 2457789 bytes
->Temporary Internet Files folder emptied: 42737174 bytes
->Java cache emptied: 3334022 bytes
->FireFox cache emptied: 95105523 bytes
->Flash cache emptied: 59429 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67978 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 666 bytes
RecycleBin emptied: 13368371553 bytes

Total Files Cleaned = 12 886,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: AppData

User: Default User

User: Desktop

User: Ond

User: Ondřej
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.26.6 log created on 08282011_204754

Files\Folders moved on Reboot...
C:\Users\Ondřej\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Mockrát děkuji.

Nemate zac, rad jsem pomohl Zase nekdy