VIRY.CZ

Logfile of random's system information tool 1.09 (written by random/random)
Run by admin at 2011-11-14 10:14:01
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 262 GB (88%) free of 300 GB
Total RAM: 3580 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:14:08, on 14.11.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Users\admin\AppData\Local\Akamai\netsession_win.exe
C:\Users\admin\AppData\Local\Google\Update\1.3.21.79\GoogleCrashHandler.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Users\admin\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\admin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: Hot MP3 Toolbar - {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - C:\Program Files (x86)\Hot_MP3\tbHot_.dll
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ZoneAlarm Security - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll
O2 - BHO: Hot MP3 Toolbar - {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - C:\Program Files (x86)\Hot_MP3\tbHot_.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Complitly - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\admin\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll
O3 - Toolbar: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files (x86)\Seznam.cz\toolbar\toolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: ???????@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll
O3 - Toolbar: Hot MP3 Toolbar - {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - C:\Program Files (x86)\Hot_MP3\tbHot_.dll
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe" /gui
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Installer] "C:\Program Files (x86)\CheckPoint\Install\Launcher.exe" "C:\Program Files (x86)\CheckPoint\Install\Install.exe" /r download /c "C:\Program Files (x86)\CheckPoint\Install\Install.xml" /l /w
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Akamai NetSession Interface] C:\Users\admin\AppData\Local\Akamai\netsession_win.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - (no file)
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12648 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -service
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\SysWOW64\svchost.exe -k Akamai
"C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe"
"C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE"
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
WLIDSvcM.exe 2808
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\PixArt\Pac207\Monitor.exe"
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
KHALMNPR.EXE /API
"C:\Users\admin\AppData\Local\Akamai\netsession_win.exe"
"C:\Users\admin\AppData\Local\Google\Update\1.3.21.79\GoogleCrashHandler.exe" /crashhandler
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe"
C:/Users/admin/AppData/Local/Akamai/netsession_win.exe --client
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
"C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe" /gui
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /set_event="FFAPI_StartEvent_1034_dbae" /icon="hidden"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3476.6f483d0.2098398765 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.8.0 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.jar" 3476 "\\.\pipe\gecko-crash-server-pipe.3476" plugin
wmiadap.exe /F /T /R
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\admin\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1071306001-177135528-4153119601-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1071306001-177135528-4153119601-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\rwe7uvgb.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://go.mail.ru/search?utf8in=1&fr=fftbUFix&q="

"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=8]
"Description"=Google Update
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
flashplayer.xpt
nsIQTScriptablePlugin.xpt
Scriptff.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
np32dsw.dll
npdeployJava1.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
ShockwavePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml
fcmdSrchvsl.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\
engine@conduit.com
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{33e0daa6-3af3-d8b5-6752-10e949c61516}
{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}
{7b13ec3e-999a-4b70-b9cb-2617b8323822}
{800b5000-a755-47e1-992b-48a1c1357f07}
{91da5e8a-3318-4f8c-b67e-5964de3ab546}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-02-15 903672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}]
Complitly - C:\Users\admin\AppData\Roaming\Complitly\64\Complitly64.dll [2011-04-13 167416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll [2011-10-15 1564880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-02-15 599544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
ZoneAlarm Security Toolbar - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll [2011-03-28 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9384bd4c-dd14-4be9-80f7-f6277511e4f5}]
Hot MP3 Toolbar - C:\Program Files (x86)\Hot_MP3\tbHot_.dll [2010-02-22 2353176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}]
Complitly - C:\Users\admin\AppData\Roaming\Complitly\Complitly.dll [2011-04-13 139768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files (x86)\Seznam.cz\listicka.dll [2011-03-15 2201600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-02-15 903672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
{91da5e8a-3318-4f8c-b67e-5964de3ab546} - ZoneAlarm Security Toolbar - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll [2011-03-28 176936]
{30F9B915-B755-4826-820B-08FBA6BD249D}
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-02-15 599544]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files (x86)\Seznam.cz\toolbar\toolbar.dll [2011-03-10 183808]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{09900DE8-1DCA-443F-9243-26FF581438AF} - Спутник@Mail.Ru - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll [2011-10-15 1564880]
{9384bd4c-dd14-4be9-80f7-f6277511e4f5} - Hot MP3 Toolbar - C:\Program Files (x86)\Hot_MP3\tbHot_.dll [2010-02-22 2353176]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-06 10144288]
"Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-10-29 1680976]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2011-02-15 1123320]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2010-11-03 1580368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"ISUSPM Startup"=c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2005-02-17 221184]
"Google Update"=C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-13 136176]
"Akamai NetSession Interface"=C:\Users\admin\AppData\Local\Akamai\netsession_win.exe [2011-11-12 3303000]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-01-26 336384]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
"ZoneAlarm Client"=C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe [2011-03-18 1043968]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe [2011-10-15 1482960]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17 81920]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"ZoneAlarm Installer"=C:\Program Files (x86)\CheckPoint\Install\Launcher.exe [2011-11-13 403088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-03-29 249344]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoCloseDragDropBands"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-11-13 06:53:33 ----D---- C:\Program Files (x86)\CheckPoint
2011-11-13 06:32:30 ----D---- C:\ProgramData\Blizzard Entertainment
2011-11-12 22:17:52 ----D---- C:\Program Files (x86)\World of Warcraft
2011-11-09 06:38:03 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-11-09 06:38:02 ----A---- C:\Windows\system32\win32k.sys
2011-11-07 15:11:58 ----A---- C:\Windows\SYSWOW64\RENDDEA.tmp
2011-11-03 16:42:00 ----D---- C:\Users\admin\AppData\Roaming\Software602
2011-11-03 16:41:37 ----A---- C:\Windows\SYSWOW64\msvbvm60001.dll
2011-11-03 16:41:36 ----A---- C:\Windows\system32\cdintf450_x64.dll
2011-11-03 16:41:32 ----D---- C:\Users\admin\AppData\Roaming\602Installer
2011-11-03 16:31:25 ----D---- C:\Program Files (x86)\Investintech.com Inc
2011-11-03 16:25:41 ----D---- C:\Program Files (x86)\SomePDF
2011-11-03 16:25:25 ----D---- C:\Program Files (x86)\All Office Converter Platinum
2011-11-03 16:22:06 ----D---- C:\Program Files (x86)\office Convert Pdf to Website for Htm Html
2011-11-03 16:16:52 ----D---- C:\Program Files (x86)\office Convert Pdf to Jpg Jpeg Tiff
2011-11-03 16:10:41 ----D---- C:\Program Files (x86)\office Convert Pdf to Word for Doc Free
2011-11-01 18:49:09 ----A---- C:\Windows\ntbtlog.txt
2011-10-29 20:09:24 ----D---- C:\Program Files (x86)\Origin
2011-10-29 20:02:22 ----D---- C:\Program Files (x86)\Microsoft WSE
2011-10-29 19:58:58 ----D---- C:\Program Files (x86)\Electronic Arts
2011-10-26 22:51:20 ----A---- C:\Windows\system32\shell32.dll
2011-10-26 22:51:19 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-10-26 18:50:28 ----D---- C:\Program Files (x86)\Wondershare
2011-10-26 18:35:51 ----D---- C:\ProgramData\Altova
2011-10-26 18:02:38 ----A---- C:\Windows\pdf2word.INI
2011-10-26 18:02:06 ----D---- C:\Program Files (x86)\VeryPDF PDF2Word v3.0
2011-10-26 17:55:59 ----D---- C:\Users\admin\AppData\Roaming\Smart PDF Converter Pro
2011-10-26 17:55:43 ----D---- C:\Program Files\Smart PDF Converter Pro
2011-10-26 17:44:21 ----D---- C:\Program Files (x86)\Free PDF to Word Converter
2011-10-26 17:40:18 ----D---- C:\Program Files (x86)\Free PDF to Word Doc Converter
2011-10-26 12:55:36 ----D---- C:\ProgramData\YouTube Downloader
2011-10-26 12:52:22 ----D---- C:\Program Files (x86)\YouTube Downloader
2011-10-24 18:51:32 ----D---- C:\Users\admin\AppData\Roaming\vlc
2011-10-24 18:51:11 ----D---- C:\Program Files (x86)\VideoLAN
2011-10-22 21:06:16 ----A---- C:\Windows\SYSWOW64\H@tKeysH@@k.DLL
2011-10-19 17:10:15 ----SHD---- C:\Windows\ftpcache
2011-10-18 19:02:41 ----D---- C:\ProgramData\Electronic Arts
2011-10-15 20:15:17 ----A---- C:\Windows\SYSWOW64\out.txt
2011-10-15 20:15:16 ----D---- C:\Users\admin\AppData\Roaming\SkyMonk
2011-10-15 20:15:12 ----D---- C:\Program Files (x86)\Mail.Ru
2011-10-15 20:15:08 ----D---- C:\Program Files (x86)\SkyMonk

======List of files/folders modified in the last 1 month======

2011-11-14 10:14:07 ----D---- C:\Windows\temp
2011-11-14 10:14:06 ----D---- C:\Program Files\trend micro
2011-11-14 10:14:01 ----D---- C:\Windows\tracing
2011-11-14 10:14:01 ----D---- C:\Windows\Prefetch
2011-11-14 10:09:01 ----D---- C:\Windows\Internet Logs
2011-11-14 10:08:16 ----D---- C:\Windows\Minidump
2011-11-14 10:08:11 ----D---- C:\Windows
2011-11-14 09:53:38 ----D---- C:\Windows\System32
2011-11-14 09:53:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-14 08:31:53 ----D---- C:\Windows\system32\config
2011-11-13 18:17:39 ----D---- C:\Users\admin\AppData\Roaming\uTorrent
2011-11-13 10:13:36 ----D---- C:\Users\admin\AppData\Roaming\Skype
2011-11-13 06:53:33 ----RD---- C:\Program Files (x86)
2011-11-13 06:32:30 ----D---- C:\ProgramData
2011-11-12 22:17:52 ----D---- C:\Program Files (x86)\Common Files
2011-11-12 07:48:29 ----SHD---- C:\Windows\Installer
2011-11-12 07:48:29 ----D---- C:\Config.Msi
2011-11-11 07:19:16 ----D---- C:\Windows\system32\catroot
2011-11-11 06:36:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-11-09 18:36:10 ----D---- C:\Users\admin\AppData\Roaming\ICQ
2011-11-09 15:46:13 ----D---- C:\Windows\winsxs
2011-11-09 07:18:50 ----D---- C:\Windows\system32\drivers
2011-11-09 07:18:50 ----D---- C:\Program Files\Common Files\System
2011-11-09 07:08:50 ----D---- C:\Windows\debug
2011-11-09 07:08:49 ----A---- C:\Windows\system32\MRT.exe
2011-11-07 15:11:58 ----D---- C:\Windows\SysWOW64
2011-11-07 15:11:57 ----D---- C:\Program Files (x86)\Java
2011-11-05 21:16:39 ----RD---- C:\Users
2011-11-05 19:30:48 ----N---- C:\Windows\Setup1.exe
2011-11-04 16:10:37 ----D---- C:\Program Files (x86)\OpenAL
2011-11-04 16:10:37 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2011-11-04 16:10:37 ----A---- C:\Windows\system32\OpenAL32.dll
2011-11-04 16:10:28 ----RSD---- C:\Windows\assembly
2011-11-04 14:43:40 ----D---- C:\Program Files (x86)\MSXML 4.0
2011-11-04 14:25:42 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-11-02 09:22:35 ----D---- C:\Windows\system32\catroot2
2011-11-01 21:36:48 ----D---- C:\Windows\system32\NDF
2011-11-01 18:32:41 ----D---- C:\Windows\Logs
2011-11-01 05:41:38 ----D---- C:\Users\admin\AppData\Roaming\Mozilla
2011-10-31 19:43:36 ----D---- C:\Users\admin\AppData\Roaming\Vso
2011-10-29 08:30:37 ----D---- C:\Program Files (x86)\TuneUp Utilities 2011
2011-10-29 08:30:28 ----D---- C:\Windows\system32\Tasks
2011-10-28 14:14:41 ----D---- C:\Program Files (x86)\Windows Live
2011-10-28 14:14:19 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-10-26 23:02:29 ----D---- C:\ProgramData\Microsoft Help
2011-10-26 23:01:27 ----A---- C:\Windows\win.ini
2011-10-26 18:44:49 ----D---- C:\Windows\Downloaded Installations
2011-10-26 17:59:33 ----D---- C:\Program Files\Common Files
2011-10-26 17:55:43 ----RD---- C:\Program Files
2011-10-24 16:59:39 ----D---- C:\Program Files (x86)\Hot_MP3
2011-10-24 16:58:43 ----D---- C:\ProgramData\SuperMP3Download
2011-10-16 07:56:17 ----D---- C:\Program Files (x86)\uTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-23 503352]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 601944]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 301912]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 58200]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2010-05-15 458840]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 65368]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2011-02-15 33528]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-01-27 9085952]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-01-26 299520]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2011-11-14 25640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-06 2337440]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2011-04-30 76056]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2011-04-30 15128]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-04-30 66840]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-04-30 60184]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2011-02-23 82816]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-01-27 231328]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]
S1 acedrv07;acedrv07; \??\C:\Windows\system32\drivers\acedrv07.sys [2011-01-22 125440]
S3 a5xx4uvg;a5xx4uvg; C:\Windows\system32\drivers\a5xx4uvg.sys []
S3 AODDriver;AODDriver; \??\C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [2010-03-12 52280]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2010-12-06 25640]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2010-12-23 30528]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-05-10 33344]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2011-04-30 42776]
S3 netr28ux;%Generic.Service.DispName%; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-11-13 1085952]
S3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 572416]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2010-11-30 35112]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-01-26 203776]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-26 354304]
R2 AMD Reservation Manager;AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R2 ezGOSvc;Easybits GO Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe [2011-10-15 1482960]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2011-02-15 822264]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-11-03 2358656]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\SysWOW64\ZoneLabs\vsmon.exe [2011-03-18 2435592]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-06 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Zdravim a pekny den preji

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  adp3132.sys
  AGP440.sys
  ahcix86.sys
  ahcix86s.sys
  atapi.sys
  autochk.exe
  cdrom.sys
  cngaudit.dll
  cryptsvc.dll
  eNetHook.dll
  eventlog.dll
  explorer.exe
  hal.dll
  Changer.sys
  iaStor.sys
  iastorv.sys
  IdeChnDr.sys
  isapnp.sys
  JakNDis.sys
  KR10N.sys
  logevent.dll
  lsass.exe
  mv61xx.sys
  ndis.sys
  netlogon.dll
  ntelogon.dll
  nvata.sys
  nvatabus.sys
  nvgts.sys
  nvraid.sys
  nvrd32.sys
  nvstor.sys
  nvstor32.sys
  scecli.dll
  sceclt.dll
  smss.exe
  svchost.exe
  symmpi.sys
  tcpip.sys
  userinit.exe
  vaxscsi.sys
  viamraid.sys
  viasraid.sys
  ViPrt.sys
  winlogon.exe
  ws2_32.dll
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job /lockedfiles
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
  reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
  reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
  
  type c:\boot.ini >> test.txt /c
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

ta kontrola prostě nejde dokončit, zastaví se to a stojí to hodinu a nic se neděje :/

Zkuste opakovat v nouzovem rezimu

OTL logfile created on: 14.11.2011 21:51:26 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\admin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,50 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 63,87% Memory free
6,99 Gb Paging File | 5,76 Gb Available in Paging File | 82,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 292,87 Gb Total Space | 256,78 Gb Free Space | 87,68% Space Free | Partition Type: NTFS
Drive D: | 638,54 Gb Total Space | 447,01 Gb Free Space | 70,00% Space Free | Partition Type: NTFS

Computer Name: PHENOM_II | User Name: admin | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.11.14 11:25:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
PRC - [2011.11.11 06:36:21 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.03.18 00:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe


========== Modules (No Company Name) ==========

MOD - [2011.11.11 06:36:20 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.10.18 14:29:36 | 008,522,400 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.09.06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.02.15 16:26:18 | 000,822,264 | ---- | M] (Check Point Software Technologies) [Auto | Stopped] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV:64bit: - [2011.01.26 23:55:36 | 000,203,776 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.01.26 18:01:28 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010.06.17 05:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)
SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011.11.12 07:45:25 | 003,313,752 | ---- | M] () [Auto | Stopped] -- c:\program files (x86)\common files\akamai/netsession_win_dac4cfd.dll -- (Akamai)
SRV - [2011.11.03 19:25:08 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.10.15 20:15:16 | 001,482,960 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe -- (Guard.Mail.ru)
SRV - [2011.06.12 14:05:34 | 000,080,256 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\ezGOSvc.dll -- (ezGOSvc)
SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.03.18 00:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.24 14:38:06 | 000,068,136 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.09.06 21:38:18 | 000,601,944 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.09.06 21:38:16 | 000,301,912 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.09.06 21:36:41 | 000,058,200 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.09.06 21:36:41 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.09.06 21:36:30 | 000,065,368 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.09.06 21:36:14 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.05.10 16:53:41 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2011.04.30 12:59:32 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011.04.30 12:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.04.30 12:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.04.30 12:59:10 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011.04.30 12:59:10 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011.02.23 18:13:32 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2011.02.15 16:25:38 | 000,033,528 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Stopped] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV:64bit: - [2011.01.27 00:37:20 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.01.26 23:13:32 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.01.22 22:20:12 | 000,125,440 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\acedrv07.sys -- (acedrv07)
DRV:64bit: - [2010.12.23 14:39:44 | 000,503,352 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.11.30 17:07:06 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST) Protokol RMP (Reliable Multicast Protocol)
DRV:64bit: - [2010.05.15 15:30:52 | 000,458,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2010.04.27 11:56:38 | 000,021,544 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.03.22 10:57:20 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010.01.27 04:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.11.13 16:45:02 | 001,085,952 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009.10.07 11:13:34 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.10.07 11:13:34 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.05 02:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2006.12.05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207)
DRV - [2011.11.14 13:27:53 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010.12.23 21:07:48 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2010.12.06 10:57:00 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2010.03.12 05:40:48 | 000,052,280 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys -- (AODDriver)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {64d23501-5195-4224-9446-e2b0fb64e859} - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - C:\Program Files (x86)\Hot_MP3\tbHot_.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ce18769b-c7fa-42d2-860d-17c4662c70ad} - SOFTWARE\Classes\CLSID\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\InprocServer32 File not found


IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1071306001-177135528-4153119601-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1071306001-177135528-4153119601-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1071306001-177135528-4153119601-1001\..\URLSearchHook: {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - C:\Program Files (x86)\Hot_MP3\tbHot_.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1071306001-177135528-4153119601-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "http://www.mail.ru/"
FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm Security Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://go.mail.ru/search?fr=fftb&utf8in&q="
FF - prefs.js..browser.search.selectedEngine: "mail.ru: Поиск в Интернете"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..keyword.URL: "http://go.mail.ru/search?utf8in=1&fr=fftbUFix&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\admin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\admin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\admin\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\admin\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2011.08.29 12:38:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.12.10 18:00:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.09.08 17:05:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2011.08.29 12:04:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.11 06:36:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.09.15 14:50:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.12.10 18:00:16 | 000,000,000 | ---D | M]

[2010.12.06 12:32:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Extensions
[2011.11.12 08:02:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions
[2010.12.22 19:08:01 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2011.09.10 21:25:40 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
[2011.11.09 07:10:16 | 000,000,000 | ---D | M] (Спутник @Mail.Ru) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}
[2011.11.08 07:10:14 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011.11.07 07:10:12 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.11.08 07:10:15 | 000,000,000 | ---D | M] (ZoneAlarm Security Community Toolbar) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}
[2011.11.12 08:02:08 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.05.29 20:48:30 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\engine@conduit.com
[2011.11.11 06:36:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.09.03 21:16:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011.11.07 15:12:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011.11.11 06:36:21 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.04.14 13:08:02 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.05.28 23:03:52 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011.08.16 08:45:27 | 000,002,046 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchvsl.xml
[2011.08.30 21:39:04 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2011.08.30 21:39:04 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.08.30 21:39:04 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.08.30 21:39:04 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.08.30 21:39:04 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\admin\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\admin\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\admin\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll
CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\admin\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: 9 Ball baz\u00E9n = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmncmephfckdpcmohbdpcnkmchejma\1.0_0\
CHR - Extension: YouTube = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Kule\u010Dn\u00EDk - Osmi\u010Dky = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb\1.0.4_0\
CHR - Extension: Complitly plugin for chrome = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk\1.1_1\
CHR - Extension: avast! WebRep = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1289_0\
CHR - Extension: Shelby.tv = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaiaomcjnpnglpdjmkedmmckhmgljoge\1.0_0\
CHR - Extension: Curling = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp\1.0.9_0\
CHR - Extension: Gmail = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
CHR - Extension: 3D Tenis = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjpokfkdchapbkfpkmeiebmlfafbljla\2.3_0\

O1 HOSTS File: ([2011.08.29 10:49:58 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:64bit: - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\admin\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
O2 - BHO: (MailRuBHO Class) - {8984B388-A5BB-4DF7-B274-77B879E179DB} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll (@Mail.Ru)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll (Conduit Ltd.)
O2 - BHO: (Hot MP3 Toolbar) - {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - C:\Program Files (x86)\Hot_MP3\tbHot_.dll (Conduit Ltd.)
O2 - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\admin\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Lištička) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files (x86)\Seznam.cz\listicka.dll ()
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (Спутник@Mail.Ru) - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll (@Mail.Ru)
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files (x86)\Seznam.cz\toolbar\toolbar.dll ()
O3 - HKLM\..\Toolbar: (Reg Error: Value error.) - {30F9B915-B755-4826-820B-08FBA6BD249D} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Hot MP3 Toolbar) - {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - C:\Program Files (x86)\Hot_MP3\tbHot_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (Reg Error: Value error.) - Locked - Reg Error: Value error. File not found
O3 - HKU\S-1-5-21-1071306001-177135528-4153119601-1001\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1071306001-177135528-4153119601-1001\..\Toolbar\WebBrowser: (Nástroje Lištičky) - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - C:\Program Files (x86)\Seznam.cz\listicka.dll ()
O3 - HKU\S-1-5-21-1071306001-177135528-4153119601-1001\..\Toolbar\WebBrowser: (ZoneAlarm Security Toolbar) - {91DA5E8A-3318-4F8C-B67E-5964DE3AB546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-1071306001-177135528-4153119601-1001\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\S-1-5-21-1071306001-177135528-4153119601-1001\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKLM..\Run: [ZoneAlarm Installer] C:\Program Files (x86)\CheckPoint\Install\Launcher.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-1071306001-177135528-4153119601-1001..\Run: [Akamai NetSession Interface] C:\Users\admin\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-1071306001-177135528-4153119601-1001..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_Plugin.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1071306001-177135528-4153119601-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1071306001-177135528-4153119601-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1071306001-177135528-4153119601-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: =
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files (x86)\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files (x86)\Seznam.cz\listicka.dll ()
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - Reg Error: Value error. File not found
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files (x86)\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files (x86)\Seznam.cz\listicka.dll ()
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6304D142-ABC6-4F1D-8752-4801FE140590}: DhcpNameServer = 192.168.1.2
O18:64bit: - Protocol\Handler\dssrequest - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\dssrequest - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Error creating restore point.


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.VP60 - File not found
Drivers32:64bit: vidc.VP61 - File not found
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\SysWow64\ff_acm.acm ()
Drivers32: msacm.iac2 - C:\Windows\SysWOW64\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\Windows\SysWow64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\SysWow64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yvu9 - C:\Windows\SysWow64\iyvu9_32.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.11.14 20:01:46 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\Majk spirit nový člověk
[2011.11.14 11:25:31 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2011.11.14 11:07:22 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Secunia PSI
[2011.11.13 06:53:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint
[2011.11.13 06:53:14 | 005,061,096 | ---- | C] (Check Point Software Technologies LTD) -- C:\Users\admin\Desktop\zaSetupWeb_101_065_000.exe
[2011.11.13 06:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011.11.12 22:55:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
[2011.11.12 22:17:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
[2011.11.12 22:17:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2011.11.09 21:07:06 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Akamai
[2011.02.23 18:05:30 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\admin\AppData\Roaming\pcouffin.sys
[2010.02.03 23:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll
[7 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[56 C:\Windows\Fonts\*.tmp files -> C:\Windows\Fonts\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.11.14 21:55:48 | 004,566,456 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.11.14 21:55:48 | 002,015,720 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.11.14 21:55:48 | 001,463,674 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.11.14 21:55:48 | 001,404,632 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.11.14 21:55:48 | 000,006,240 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.11.14 21:52:34 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.11.14 21:50:09 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2011.11.14 21:50:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.14 21:49:57 | 2815,549,440 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.14 21:49:08 | 000,003,224 | ---- | M] () -- C:\bootsqm.dat
[2011.11.14 20:48:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1071306001-177135528-4153119601-1001UA.job
[2011.11.14 13:35:20 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.14 13:35:11 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.14 13:27:53 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2011.11.14 11:25:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2011.11.14 11:03:58 | 000,000,928 | ---- | M] () -- C:\Users\admin\AppData\Local\SRDownloader.nast
[2011.11.14 10:48:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1071306001-177135528-4153119601-1001Core.job
[2011.11.14 10:13:44 | 000,935,175 | ---- | M] () -- C:\Users\admin\Desktop\RSITx64.exe
[2011.11.14 10:08:11 | 485,544,893 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.11.13 09:01:26 | 000,001,354 | ---- | M] () -- C:\Users\admin\Desktop\Resume ZoneAlarm Security Install.lnk
[2011.11.13 06:53:25 | 005,061,096 | ---- | M] (Check Point Software Technologies LTD) -- C:\Users\admin\Desktop\zaSetupWeb_101_065_000.exe
[2011.11.09 15:45:52 | 000,307,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.11.08 16:01:38 | 000,009,728 | ---- | M] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[7 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.11.14 21:49:08 | 000,003,224 | ---- | C] () -- C:\bootsqm.dat
[2011.11.14 11:29:12 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.11.14 10:13:38 | 000,935,175 | ---- | C] () -- C:\Users\admin\Desktop\RSITx64.exe
[2011.11.13 06:53:36 | 000,001,354 | ---- | C] () -- C:\Users\admin\Desktop\Resume ZoneAlarm Security Install.lnk
[2011.11.13 06:29:47 | 485,544,893 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.11.06 19:44:45 | 000,000,928 | ---- | C] () -- C:\Users\admin\AppData\Local\SRDownloader.nast
[2011.10.26 18:02:38 | 000,000,331 | ---- | C] () -- C:\Windows\pdf2word.INI
[2011.10.22 21:06:16 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\H@tKeysH@@k.DLL
[2011.10.02 13:27:52 | 000,000,017 | ---- | C] () -- C:\Users\admin\AppData\Local\resmon.resmoncfg
[2011.09.27 23:54:32 | 002,851,088 | ---- | C] () -- C:\Windows\GDFBinary.dll
[2011.09.27 23:54:32 | 000,079,120 | ---- | C] () -- C:\Windows\akamaiDLL.dll
[2011.09.09 21:19:54 | 000,000,076 | ---- | C] () -- C:\Windows\SysWow64\netjr32.dll
[2011.09.09 15:38:24 | 000,000,385 | ---- | C] () -- C:\Windows\wTRTv5.ini
[2011.08.10 10:55:22 | 000,021,285 | ---- | C] () -- C:\Windows\SysWow64\nqwzcidb.dll
[2011.07.01 20:50:59 | 000,000,190 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.06.29 20:09:04 | 000,000,128 | ---- | C] () -- C:\Windows\crywmvtoavi.ini
[2011.06.29 20:08:30 | 000,000,005 | ---- | C] () -- C:\Windows\SysWow64\SySwmvtoavi.dat
[2011.06.12 15:33:23 | 000,080,256 | ---- | C] () -- C:\Windows\SysWow64\ezGOSvc.dll
[2011.06.01 11:04:39 | 000,006,222 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.30 17:47:28 | 000,179,372 | ---- | C] () -- C:\Windows\hpoins13.dat.temp
[2011.05.28 21:22:08 | 000,079,977 | ---- | C] () -- C:\Users\admin\AppData\Roaming\UserTile.png
[2011.05.01 18:16:55 | 000,000,047 | ---- | C] () -- C:\Windows\WinBIN2ISO.INI
[2011.04.09 19:21:54 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.04.09 19:21:47 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.28 20:38:14 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011.03.27 16:34:31 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.03.22 20:34:20 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.03.18 23:41:40 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2011.02.23 18:05:30 | 000,007,859 | ---- | C] () -- C:\Users\admin\AppData\Roaming\pcouffin.cat
[2011.02.23 18:05:30 | 000,001,167 | ---- | C] () -- C:\Users\admin\AppData\Roaming\pcouffin.inf
[2011.02.23 18:03:07 | 000,010,568 | ---- | C] () -- C:\Users\admin\AppData\Roaming\vso_ts_preview.xml
[2011.01.22 22:20:12 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\acedrv07.dll
[2011.01.11 13:34:31 | 000,009,728 | ---- | C] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.31 22:48:51 | 000,000,041 | ---- | C] () -- C:\Windows\nfsc_patch.ini
[2010.12.25 17:19:51 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2010.12.23 20:58:09 | 000,380,671 | ---- | C] () -- C:\Windows\SysWow64\nvwrseym.dat
[2010.12.23 20:58:09 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2010.12.23 20:58:09 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2010.12.23 20:58:09 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\vp6install.exe
[2010.12.21 03:27:20 | 000,003,113 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.12.19 21:06:26 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2010.12.10 17:51:31 | 000,179,390 | ---- | C] () -- C:\Windows\hpoins13.dat
[2010.12.10 17:51:31 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl13.dat
[2010.12.09 07:04:41 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl13.dat.temp
[2010.12.06 20:20:09 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2010.12.06 11:49:51 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.12.05 19:39:39 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2010.12.05 19:29:49 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.12.05 19:24:11 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2010.06.23 11:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.06.23 11:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.03.15 04:31:48 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.08.27 08:04:12 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.14 00:39:46 | 000,068,096 | ---- | C] () -- C:\Windows\SysWow64\packager.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006.11.02 09:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\SysWow64\SP207.INI
[2005.11.06 00:34:50 | 000,145,408 | ---- | C] () -- C:\Windows\SysWow64\Lame.exe
[2005.10.15 13:25:20 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\myodbc3i.exe
[2005.10.15 13:25:20 | 000,011,776 | ---- | C] () -- C:\Windows\SysWow64\myodbc3m.exe

========== LOP Check ==========

[2011.11.03 16:43:49 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\602Installer
[2011.05.29 21:37:02 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Babylon
[2011.01.29 19:24:53 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\BlackBean
[2011.07.17 22:07:51 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\BSplayer
[2011.07.17 22:03:28 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\BSplayer Pro
[2011.01.29 17:47:33 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\budtour.com
[2011.08.29 12:04:02 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\CheckPoint
[2011.09.01 12:10:39 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\com.amsoft.Autoskola-user.F7413B326E7EE190C62FFECB0195DD73C683900A.1
[2011.09.10 21:25:39 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Complitly
[2011.07.11 10:47:47 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Day 1 Studios
[2011.08.07 21:02:09 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.05.28 22:53:53 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Emergency Soft
[2010.12.07 21:23:41 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\ESET
[2011.03.27 16:31:07 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\FDRLab
[2011.10.08 19:54:56 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\FileHunter
[2011.09.12 22:00:04 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\GetRightToGo
[2010.12.05 20:27:29 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\GHISLER
[2011.09.19 16:49:02 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\go
[2011.11.14 17:58:17 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\ICQ
[2011.05.25 15:24:05 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\IObit
[2010.12.05 20:23:48 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\IrfanView
[2011.09.09 21:26:20 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\J River
[2011.06.15 20:35:37 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Leadertech
[2011.09.19 14:50:34 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Modiac
[2011.01.15 16:11:14 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\MP3Rocket
[2011.06.07 18:46:48 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\MusicMP3Downloader
[2011.02.07 20:48:42 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\My Battle for Middle-earth Files
[2011.09.21 12:24:12 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Need for Speed World
[2010.12.11 20:07:12 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Participatory Culture Foundation
[2010.12.11 20:09:32 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\PCF-VLC
[2011.02.07 11:28:35 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\PhotoFiltre
[2011.07.17 15:32:22 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\QipGuard
[2011.01.29 17:45:51 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\qs
[2011.10.15 20:15:20 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\SkyMonk
[2011.10.26 17:56:10 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Smart PDF Converter Pro
[2011.11.03 16:42:00 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Software602
[2011.06.07 16:03:50 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\SuperMP3Download
[2011.09.03 23:01:12 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\TeamViewer
[2011.03.04 23:13:03 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\TuneUp Software
[2011.04.03 17:12:44 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Tunngle
[2011.07.11 13:08:22 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Utherverse
[2011.11.13 18:17:39 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\uTorrent
[2011.10.31 19:43:36 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Vso
[2010.12.26 11:33:17 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Win7codecs
[2011.01.17 20:06:40 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Youtube Downloader HD
[2011.08.11 20:12:25 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Youtube to MP3 Converter
[2011.10.03 15:29:40 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\CheckPoint
[2011.10.03 15:29:55 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\TuneUp Software
[2011.09.26 08:15:42 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========


< >

< >


< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache86\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\ERDNT\cache64\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\ERDNT\cache64\cryptsvc.dll
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SysNative\cryptsvc.dll
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\ERDNT\cache86\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SysWOW64\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\ERDNT\cache64\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe

< MD5 for: NDIS.SYS >
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\ERDNT\cache64\ndis.sys
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\ERDNT\cache64\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\ERDNT\cache86\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache86\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\ERDNT\cache64\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\ERDNT\cache64\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\ERDNT\cache64\ws2_32.dll
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\ERDNT\cache86\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[56 C:\Windows\Fonts\*.tmp files -> C:\Windows\Fonts\*.tmp -> ]
[9 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[65 C:\Windows\Internet Logs\*.tmp files -> C:\Windows\Internet Logs\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\339aec980b5c9414de1d9d4b33814d0a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\339aec980b5c9414de1d9d4b33814d0a\*.tmp -> ]
[7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[7 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[84 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2011.05.10 16:38:00 | 000,040,960 | ---- | M] () -- C:\GENBHNHL.EXE
[2011.05.10 16:38:00 | 000,339,968 | ---- | M] () -- C:\GFXPAK.EXE
[2011.05.10 16:38:00 | 000,077,824 | ---- | M] () -- C:\IMPBIG.EXE

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.11.03 16:43:49 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\602Installer
[2011.06.14 15:05:42 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Adobe
[2010.12.05 19:30:20 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\ATI
[2011.05.29 21:37:02 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Babylon
[2011.01.29 19:24:53 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\BlackBean
[2011.07.17 22:07:51 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\BSplayer
[2011.07.17 22:03:28 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\BSplayer Pro
[2011.01.29 17:47:33 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\budtour.com
[2011.08.29 12:04:02 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\CheckPoint
[2011.09.01 12:10:39 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\com.amsoft.Autoskola-user.F7413B326E7EE190C62FFECB0195DD73C683900A.1
[2011.09.10 21:25:39 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Complitly
[2011.07.11 10:47:47 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Day 1 Studios
[2011.05.28 23:04:01 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Digsby
[2010.12.22 17:56:25 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DivX
[2011.08.07 21:02:09 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.05.28 22:53:53 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Emergency Soft
[2010.12.07 21:23:41 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\ESET
[2011.03.27 16:31:07 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\FDRLab
[2011.10.08 19:54:56 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\FileHunter
[2011.09.12 22:00:04 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\GetRightToGo
[2010.12.05 20:27:29 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\GHISLER
[2011.09.19 16:49:02 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\go
[2011.05.10 17:03:47 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Hamachi
[2010.12.10 18:06:15 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\HP
[2011.11.14 17:58:17 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\ICQ
[2010.12.05 19:20:58 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Identities
[2011.05.25 15:24:05 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\IObit
[2010.12.05 20:23:48 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\IrfanView
[2011.09.09 21:26:20 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\J River
[2011.06.15 20:35:37 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Leadertech
[2011.07.01 06:53:17 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Logishrd
[2011.07.01 06:53:17 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Logitech
[2010.12.05 20:09:20 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Macromedia
[2009.07.14 16:36:31 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Media Center Programs
[2011.08.29 11:06:24 | 000,000,000 | --SD | M] -- C:\Users\admin\AppData\Roaming\Microsoft
[2011.09.19 14:50:34 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Modiac
[2011.11.01 05:41:38 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Mozilla
[2011.01.15 16:11:14 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\MP3Rocket
[2011.06.07 18:46:48 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\MusicMP3Downloader
[2011.02.07 20:48:42 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\My Battle for Middle-earth Files
[2011.09.21 12:24:12 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Need for Speed World
[2010.12.06 20:24:03 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Nero
[2010.12.11 20:07:12 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Participatory Culture Foundation
[2010.12.11 20:09:32 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\PCF-VLC
[2011.02.07 11:28:35 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\PhotoFiltre
[2011.07.17 15:32:22 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\QipGuard
[2011.01.29 17:45:51 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\qs
[2011.10.15 20:15:20 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\SkyMonk
[2011.11.14 19:26:08 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Skype
[2011.06.12 14:05:10 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\skypePM
[2011.10.26 17:56:10 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Smart PDF Converter Pro
[2011.11.03 16:42:00 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Software602
[2011.06.07 16:03:50 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\SuperMP3Download
[2011.09.03 23:01:12 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\TeamViewer
[2011.03.04 23:13:03 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\TuneUp Software
[2011.04.03 17:12:44 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Tunngle
[2011.07.11 13:08:22 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Utherverse
[2011.11.13 18:17:39 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\uTorrent
[2011.08.01 06:02:33 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Ventrilo
[2011.10.24 18:52:57 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\vlc
[2011.10.31 19:43:36 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Vso
[2010.12.26 11:33:17 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Win7codecs
[2010.12.06 19:34:04 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\WinRAR
[2011.01.17 20:06:40 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Youtube Downloader HD
[2011.08.11 20:12:25 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Youtube to MP3 Converter

< %APPDATA%\*.exe /s >
[2011.04.13 15:30:04 | 000,091,128 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Complitly\KeepMeUpdated.exe
[2011.04.13 15:30:04 | 000,091,128 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Complitly\64\KeepMeUpdated.exe
[2011.05.28 22:54:19 | 003,557,551 | ---- | M] (Emergency Soft) -- C:\Users\admin\AppData\Roaming\Emergency Soft\Online TVx\Updates\OnlineTVx_3.5.1_Setup.exe
[2011.09.01 12:12:15 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\admin\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.07.15 20:58:10 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\admin\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2011.02.11 21:42:54 | 000,010,134 | R--- | M] () -- C:\Users\admin\AppData\Roaming\Microsoft\Installer\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}\ARPPRODUCTICON.exe
[2011.10.29 20:02:22 | 000,010,134 | R--- | M] () -- C:\Users\admin\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2010.12.13 15:06:30 | 000,187,776 | ---- | M] (QIP.ru) -- C:\Users\admin\AppData\Roaming\QipGuard\QipGuard.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[7 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[7 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[7 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2011.05.10 16:38:00 | 000,040,960 | ---- | M] () -- C:\GENBHNHL.EXE
[2011.05.10 16:38:00 | 000,339,968 | ---- | M] () -- C:\GFXPAK.EXE
[2011.05.10 16:38:00 | 000,077,824 | ---- | M] () -- C:\IMPBIG.EXE

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 14:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"ISUSPM Startup" = c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup -- [2005.02.17 07:15:22 | 000,221,184 | ---- | M] (InstallShield Software Corporation)
"Google Update" = "C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.09.13 20:36:18 | 000,136,176 | ---- | M] (Google Inc.)
"Akamai NetSession Interface" = C:\Users\admin\AppData\Local\Akamai\netsession_win.exe -- [2011.11.12 01:48:40 | 003,303,000 | ---- | M] (Akamai Technologies, Inc)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.11.14 21:52:34 | 000,000,512 | ---- | M] () MD5=A8466E318FB0659B3717A293A887D22B -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.11.07 18:50:49 | 000,000,553 | ---- | M] () -- \Users\admin\AppData\Roaming\Microsoft\Windows\Recent\Battlefield 3 Crack.lnk
[2011.11.04 15:41:50 | 000,000,692 | ---- | M] () -- \Users\admin\AppData\Roaming\Microsoft\Windows\Recent\Monster.Trucks.Nitro.v2.1.0.Cracked.lnk
[2010.12.07 18:54:52 | 000,000,818 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Alcohol 120% All Version Crack.rar.torrent
[2011.01.01 22:34:27 | 000,003,459 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Alcohol_120__1.9.8.7612(Windows 7)_+_crack.rar.torrent
[2011.11.07 18:50:25 | 000,000,464 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Battlefield 3 Crack.rar.torrent
[2011.11.07 18:49:08 | 000,003,347 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Battlefield.3.CRACK.ONLY-RELOADED.torrent
[2011.06.16 15:54:18 | 000,003,312 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Dirt 3 -Crack Only.torrent
[2011.06.15 17:45:05 | 000,003,936 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Dirt.3 SKIDROW - Crack Only.1.torrent
[2011.06.15 17:48:36 | 000,003,936 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Dirt.3 SKIDROW - Crack Only.2.torrent
[2011.06.16 21:03:56 | 000,003,937 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Dirt.3 SKIDROW - Crack Only.3.torrent
[2011.06.16 15:54:49 | 000,000,675 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Dirt.3 SKIDROW - Crack Only.rar.torrent
[2011.06.01 12:48:37 | 000,003,733 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Dirt.3 SKIDROW - Crack Only.torrent
[2010.12.21 18:47:07 | 000,000,972 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Euro Truck Simulator 2008 - Crack Only.torrent
[2011.06.06 16:56:54 | 000,001,166 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Farming Simulator 2011 no cd-crack - incl Keys.rar.torrent
[2011.07.11 10:42:47 | 000,004,699 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\FEAR.3-SKIDROW-CrackOnly.rar.torrent
[2010.12.07 20:01:52 | 000,008,172 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Mafia.II.Crack.Only-SKIDROW.torrent
[2011.08.24 07:33:59 | 000,011,441 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\McAfee AntiVirus Plus 2011 FULL no key no crack needed.zip.torrent
[2011.10.02 15:36:20 | 000,001,655 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Need For Speed world crack & keys.rar.1.torrent
[2011.09.14 14:24:54 | 000,001,622 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Need For Speed world crack & keys.rar.torrent
[2011.09.27 22:47:04 | 000,006,783 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.1.torrent
[2011.10.07 19:04:57 | 000,006,867 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.2.torrent
[2011.10.17 17:05:30 | 000,005,809 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.3.torrent
[2011.09.14 14:21:10 | 000,006,048 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.torrent
[2011.04.17 15:46:22 | 000,029,600 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\NEED.FOR.SPEED.UNDERGROUND+NO-CD.CRACK+PATCH+KEY.1.torrent
[2011.04.17 15:09:26 | 000,029,600 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\NEED.FOR.SPEED.UNDERGROUND+NO-CD.CRACK+PATCH+KEY.torrent
[2011.09.14 14:27:49 | 000,004,764 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\NeedForSpeedWorld Crack .zip.torrent
[2011.07.01 19:28:15 | 000,012,910 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\PC_GAME_Caesar_4_ENG+Crack.torrent
[2010.12.17 06:14:29 | 000,006,762 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\PES 11 Crack Only-RELOADED.torrent
[2011.05.01 16:44:17 | 000,001,606 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\RegCure 3.0.2 Software + Crack.1.torrent
[2011.04.28 15:53:54 | 000,002,014 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\RegCure 3.0.2 Software + Crack.torrent
[2011.02.26 21:24:28 | 000,005,347 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\test drive. unlimited 1.66 a crack - hatred.torrent
[2011.02.08 09:46:24 | 000,002,160 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Virtua.Tennis.2009.CRACK.ONLY.torrent
[2010.12.06 19:31:45 | 000,000,937 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\WinRAR 3.93+Crack (x64).zip.torrent

< *keygen* /s >
[2011.02.23 18:14:38 | 000,006,134 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\ConvertXtoDVD 3.3.4.106e And Keygen [1337x].1.torrent
[2011.02.23 18:11:01 | 000,006,134 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\ConvertXtoDVD 3.3.4.106e And Keygen [1337x].torrent
[2011.09.27 22:47:04 | 000,006,783 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.1.torrent
[2011.10.07 19:04:57 | 000,006,867 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.2.torrent
[2011.10.17 17:05:30 | 000,005,809 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.3.torrent
[2011.09.14 14:21:10 | 000,006,048 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.torrent
[2011.06.07 16:51:32 | 000,000,322 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Super MP3 Download 4.6.8.8 - Keygen.rar.torrent
[2011.09.04 21:01:48 | 000,000,618 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\TrackMania United Forever - KeyGen.exe.torrent
[2011.09.04 21:00:16 | 000,018,707 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\TrackMania.United.Forever + keygen [ISO].torrent
[2011.11.13 09:46:01 | 000,001,024 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\WOW CD Key Keygen.exe.1.torrent
[2011.11.13 06:40:04 | 000,001,024 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\WOW CD Key Keygen.exe.torrent

< *loader* /s >
[2011.11.13 10:10:13 | 000,000,194 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2010.08.19 15:31:38 | 001,139,824 | ---- | M] () -- \Program Files (x86)\Common Files\DVDVideoSoft\Dll\HttpVideoDownloader.dll
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2007.09.26 19:37:48 | 000,107,816 | ---- | M] () -- \Program Files (x86)\Common Files\Nero\Shared\NSCLoader.dll
[2009.05.21 20:21:18 | 000,007,507 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\HelpViewer\Resources\Loader.swf
[2009.09.20 12:15:26 | 000,030,776 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\smart web printing\RsrcLoaderLib.dll
[2009.09.20 12:15:26 | 000,002,713 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\smart web printing\MozillaAddOn3\xre\components\uriloader.xpt
[2011.09.15 20:47:29 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.6\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.09.15 20:47:29 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.6\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.09.15 20:47:29 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.6\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.09.15 20:47:51 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.6\Xtraz\icq\content\profile_lightboxs\preloader.html
[2009.05.31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.05.31 03:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2009.09.25 13:00:00 | 000,001,849 | ---- | M] () -- \Program Files (x86)\Windows Sidebar\Shared Gadgets\TuneUpUtilities.gadget\images\loader.gif
[2011.10.10 09:01:22 | 001,178,504 | ---- | M] () -- \Program Files (x86)\YouTube Downloader\YouTubeDownloader.exe
[2011.08.04 11:22:24 | 001,273,248 | ---- | M] () -- \Program Files (x86)\YouTube Song Downloader\YouTubeSongDownloader.exe
[2010.06.02 08:40:56 | 000,000,144 | ---- | M] () -- \Program Files (x86)\YouTube Song Downloader\YouTubeSongDownloader.exe.config
[2010.03.15 11:27:18 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2011.10.26 12:55:33 | 000,000,072 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader Help.url
[2011.10.26 12:55:33 | 000,002,056 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader.lnk
[2011.08.07 21:49:09 | 000,001,195 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Song Downloader\YouTube Song Downloader.lnk
[2007.09.18 11:59:00 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2011.09.09 20:21:09 | 000,002,417 | ---- | M] () -- \ProgramData\Skype Extras\Plugins\97E065B58DB34359BED4D223D737C7E9\loader.htm
[2011.11.14 11:03:58 | 000,000,928 | ---- | M] () -- \Users\admin\AppData\Local\SRDownloader.nast
[2011.10.24 16:44:43 | 000,001,825 | ---- | M] () -- \Users\admin\AppData\Local\Abelssoft\YouTube Song Downloader\YouTube Song Downloader.settings.xml
[33 \Users\admin\AppData\Local\Temp\*.tmp files -> \Users\admin\AppData\Local\Temp\*.tmp -> ]
[2010.12.23 14:39:25 | 000,000,000 | ---- | M] () -- \Users\admin\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_Alcohol_120_.data
[2011.01.22 18:53:14 | 000,001,288 | ---- | M] () -- \Users\admin\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_Prince_of_Persia.data
[2011.01.22 18:53:00 | 000,000,843 | ---- | M] () -- \Users\admin\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_Prince_of_Persia.data0
[2011.06.07 16:03:24 | 000,000,000 | ---- | M] () -- \Users\admin\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_Super_MP3_Download.data
[2011.03.19 11:49:26 | 000,000,000 | ---- | M] () -- \Users\admin\AppData\Roaming\GetRightToGo\Soft32Downloader-for-Tunngle.data
[2011.08.07 21:49:09 | 000,001,177 | ---- | M] () -- \Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube Song Downloader.lnk
[2011.08.18 15:24:50 | 000,010,145 | ---- | M] () -- \Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\rwe7uvgb.default\conduitCommon\modules\3.6.0.10\ExternalLibraryLoader.jsm
[2011.11.07 12:19:44 | 000,010,144 | ---- | M] () -- \Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\modules\ExternalLibraryLoader.jsm
[2011.11.07 12:11:44 | 000,010,144 | ---- | M] () -- \Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\modules\ExternalLibraryLoader.jsm
[2011.06.07 18:51:57 | 000,003,258 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Music Mp3 Downloader 5.2.4.8 Software + Patch.torrent
[2011.07.03 13:36:31 | 000,000,041 | ---- | M] () -- \Users\admin\AppData\Roaming\Youtube Downloader HD\YouTubeDownloaderHD.ini
[2011.11.06 19:41:29 | 000,903,680 | ---- | M] () -- \Users\admin\Desktop\SRDownloader.exe
[2011.06.08 19:08:24 | 003,614,961 | ---- | M] () -- \Users\admin\Desktop\nove mp3\Toploader - Dancing in The Moonlight.mp3
[2011.06.08 19:08:24 | 003,614,961 | ---- | M] () -- \Users\admin\Documents\GTA San Andreas User Files\User Tracks\Toploader - Dancing in The Moonlight.mp3
[2011.10.26 12:55:33 | 000,000,072 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader Help.url
[2011.10.26 12:55:33 | 000,002,056 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader.lnk
[2011.08.07 21:49:09 | 000,001,195 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YouTube Song Downloader\YouTube Song Downloader.lnk
[2007.09.18 11:59:00 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2011.09.09 20:21:09 | 000,002,417 | ---- | M] () -- \Users\All Users\Skype Extras\Plugins\97E065B58DB34359BED4D223D737C7E9\loader.htm
[2011.10.26 12:55:33 | 000,001,122 | ---- | M] () -- \Users\Public\Desktop\YouTube Downloader.lnk
[2011.08.07 21:49:09 | 000,001,177 | ---- | M] () -- \Users\Public\Desktop\YouTube Song Downloader.lnk
[2011.11.13 10:30:18 | 000,003,846 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\Logs\Downloader.log
[2011.01.29 19:14:36 | 000,000,000 | ---- | M] () -- \Windows\assembly\NativeImages1_v2.0.50727\GameSpy.Downloader\1.0.3764.32208__9a2037864b640668_e7c0a7de\GameSpy.Downloader.exe_
[2011.11.14 19:31:56 | 000,074,406 | ---- | M] () -- \Windows\Prefetch\YOUTUBEDOWNLOADER.EXE-BC832001.pf
[2011.11.14 19:24:48 | 000,253,446 | ---- | M] () -- \Windows\Prefetch\YOUTUBESONGDOWNLOADER.EXE-5FEEDDDF.pf
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2011.02.05 14:09:50 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_9c05f879842e1792.manifest
[2011.02.05 14:05:03 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_9c6455949d6c2720.manifest
[2011.02.05 18:34:40 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_9deb553581556a27.manifest
[2011.02.05 14:10:12 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_9e73f1b69a73f09a.manifest
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[1996.10.15 08:53:16 | 000,078,848 | ---- | M] () -- \Windows\System32\INLOADER.DLL
[7 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2011.06.10 14:42:32 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[1996.10.15 08:53:16 | 000,078,848 | ---- | M] () -- \Windows\SysWOW64\INLOADER.DLL
[7 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2011.06.10 14:42:32 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.04.13 18:23:28 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.04.13 18:23:28 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.04.13 18:23:28 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.04.13 18:23:28 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.04.13 18:23:28 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >

OTL Extras logfile created on: 14.11.2011 21:51:26 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\admin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,50 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 63,87% Memory free
6,99 Gb Paging File | 5,76 Gb Available in Paging File | 82,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 292,87 Gb Total Space | 256,78 Gb Free Space | 87,68% Space Free | Partition Type: NTFS
Drive D: | 638,54 Gb Total Space | 447,01 Gb Free Space | 70,00% Space Free | Partition Type: NTFS

Computer Name: PHENOM_II | User Name: admin | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1071306001-177135528-4153119601-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"FirewallOverride" = 0
"DisableThumbnailCache" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallOverride" = 0
"DisableThumbnailCache" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{14BC5667-22B0-4DC4-8205-597053BBDDC9}" = HP Photosmart C4200 All-In-One Driver Software 13.0 Rel. 1
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{22441735-5983-AD2A-5CC5-FA2CCD7EF732}" = ATI Stream SDK v2 Developer
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5E2BDF97-E0C7-75AE-29E1-5EA9DA262F2F}" = WMV9/VC-1 Video Playback
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A9B5F9E-CAF3-2264-9DA0-E374F9A34279}" = AMD Drag and Drop Transcoding
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE57C044-8912-A181-A0E4-BC2DAB3A092A}" = ATI Catalyst Install Manager
"{B2C5B378-546F-75A7-7757-C1EAAFAF9E33}" = ccc-utility64
"{BBA7005D-8C56-FFD3-81AE-D0481829BC70}" = AMD Fuel
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CCleaner" = CCleaner
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Shop for HP Supplies" = Shop for HP Supplies
"sp6" = Logitech SetPoint 6.30
"WinRAR archiver" = WinRAR archiver
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.1214.1
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CB3C535-1171-4A20-B549-E2CB5DEB9723}" = MySQL Connector/ODBC 3.51
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.4
"{1B7D12BE-D1D8-4CCE-A01B-43CAFF8ECA9B}" = C4200
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 29
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0427.1
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B10.0516.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5F8D5450-5BD8-4B8A-A1DE-8326C0395D5D}" = PS_AIO_Software_min
"{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{664D6E1D-2A6C-D54D-31A5-B6BC30CEB0C6}" = CCC Help English
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F8A555E-F2E1-415D-AD8A-67C0A7671029}" = Nero 8
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B9F5775-8C8C-2A4E-0CAB-74EA7AF5CB09}" = ccc-core-static
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_STANDARDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_STANDARDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_STANDARDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_STANDARDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_STANDARDR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_STANDARDR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_STANDARDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_STANDARDR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_STANDARDR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95140000-007A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A66DBCC6-8802-3D15-9FDF-9552742C08B0}" = Google Talk Plugin
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA945C94-285E-DE48-A30F-70105C6580DE}" = Catalyst Control Center Graphics Previews Common
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Czech
"{AE4E8D53-2D05-4EB4-A1E7-FF48B8E76DDE}_is1" = AVI to 3GP
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.0517.1
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC29B835-95A5-3CD9-087B-F94D7B9ECC9B}" = Catalyst Control Center InstallProxy
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.9 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{E0303B6A-C675-4102-95DA-C013625BFA99}" = GTA San Andreas
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E65CA2A8-1F2A-4400-AE55-FFD43D3B6980}" = c4200_Help
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Akamai" = Akamai NetSession Interface Service
"avast" = avast! Free Antivirus
"Clownfish" = Clownfish for Skype
"Complitly_is1" = Complitly
"conduitEngine" = Conduit Engine
"CzechWoW" = Český překlad WoW
"Digsby Donates" = Digsby Donates
"DM PATCH VISTA-REDEMAX 1.96" = DM PATCH VISTA-REDEMAX 1.96
"EADM" = EA Download Manager
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"Guard.Mail.ru" = Guard.Mail.ru
"HiGames Toolbar" = HiGames Toolbar
"Hot_MP3 Toolbar" = Hot_MP3 Toolbar
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B10.0516.1
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.0517.1
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic)
"MailRuSputnik" = Mail.Ru Спутник 2.4.0.387
"Modiac MP3 to FLV Audio Converter" = Modiac MP3 to FLV Audio Converter
"Mozilla Firefox 8.0 (x86 cs)" = Mozilla Firefox 8.0 (x86 cs)
"Mp3 Knife_is1" = Mp3 Knife 3.2
"OpenAL" = OpenAL
"QIP Infium JadrisPack 5.2.0" = QIP Infium JadrisPack 5.2.0
"save2pc Light_is1" = save2pc Light 4.18
"Shockwave" = Shockwave
"STANDARDR" = Microsoft Office Standard 2007
"Stronghold 3_is1" = Stronghold 3
"szn-software-listicka" = Seznam Lištička (Všichni uživatelé tohoto počítače.)
"TeamViewer 6" = TeamViewer 6
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.9
"WinLiveSuite" = Windows Live Essentials
"YouTube Song Downloader_is1" = YouTube Song Downloader
"ZoneAlarm" = ZoneAlarm
"ZoneAlarm Free" = ZoneAlarm Free

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1071306001-177135528-4153119601-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome
"PhotoFiltre" = PhotoFiltre
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Cracky\keygeny jsou nejlepsi cesta k zavirovani PC, nehlde na porusovani autorskeho zakona a pachani trestneho cinu - pokud se bude situace se spoustou warez prvku opakovat, muze byt pomoc odmitnuta

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  SRV - [2011.11.12 07:45:25 | 003,313,752 | ---- | M] () [Auto | Stopped] -- c:\program files (x86)\common files\akamai/netsession_win_dac4cfd.dll -- (Akamai)
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
  IE - HKLM\..\URLSearchHook: - No CLSID value found
  IE - HKLM\..\URLSearchHook: {64d23501-5195-4224-9446-e2b0fb64e859} - No CLSID value found
  IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
  IE - HKLM\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll (Conduit Ltd.)
  IE - HKLM\..\URLSearchHook: {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - C:\Program Files (x86)\Hot_MP3\tbHot_.dll (Conduit Ltd.)
  IE - HKLM\..\URLSearchHook: {ce18769b-c7fa-42d2-860d-17c4662c70ad} - SOFTWARE\Classes\CLSID\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\InprocServer32 File not found
  IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
  IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
  IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
  IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
  IE - HKU\S-1-5-21-1071306001-177135528-4153119601-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
  IE - HKU\S-1-5-21-1071306001-177135528-4153119601-1001\..\URLSearchHook: - No CLSID value found
  IE - HKU\S-1-5-21-1071306001-177135528-4153119601-1001\..\URLSearchHook: {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - C:\Program Files (x86)\Hot_MP3\tbHot_.dll (Conduit Ltd.)
  FF - prefs.js..browser.search.defaultenginename: "http://www.mail.ru/"
  FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm Security Customized Web Search"
  FF - prefs.js..browser.search.defaulturl: "http://go.mail.ru/search?fr=fftb&utf8in&q="
  FF - prefs.js..browser.search.selectedEngine: "mail.ru: Поиск в Интернете"
  FF - prefs.js..browser.search.useDBForOrder: true
  FF - prefs.js..keyword.URL: "http://go.mail.ru/search?utf8in=1&fr=fftbUFix&q="
  FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: File not found
  FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: File not found
  [2010.12.22 19:08:01 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
  [2011.09.10 21:25:40 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
  [2011.11.09 07:10:16 | 000,000,000 | ---D | M] (Спутник @Mail.Ru) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}
  [2011.11.08 07:10:14 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
  [2011.11.07 07:10:12 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
  [2011.11.08 07:10:15 | 000,000,000 | ---D | M] (ZoneAlarm Security Community Toolbar) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}
  [2011.05.29 20:48:30 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\engine@conduit.com
  [2011.05.28 23:03:52 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
  [2011.08.16 08:45:27 | 000,002,046 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchvsl.xml
  O2 - BHO: (MailRuBHO Class) - {8984B388-A5BB-4DF7-B274-77B879E179DB} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll (@Mail.Ru)
  O2 - BHO: (Hot MP3 Toolbar) - {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - C:\Program Files (x86)\Hot_MP3\tbHot_.dll (Conduit Ltd.)
  O3 - HKLM\..\Toolbar: (Спутник@Mail.Ru) - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll (@Mail.Ru)
  O3 - HKLM\..\Toolbar: (Reg Error: Value error.) - {30F9B915-B755-4826-820B-08FBA6BD249D} - Reg Error: Value error. File not found
  O3 - HKLM\..\Toolbar: (Hot MP3 Toolbar) - {9384bd4c-dd14-4be9-80f7-f6277511e4f5} - C:\Program Files (x86)\Hot_MP3\tbHot_.dll (Conduit Ltd.)
  O3 - HKLM\..\Toolbar: (Reg Error: Value error.) - Locked - Reg Error: Value error. File not found
  O3 - HKU\S-1-5-21-1071306001-177135528-4153119601-1001\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
  O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
  O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
  O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
  O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
  O18:64bit: - Protocol\Handler\dssrequest - No CLSID value found
  O18:64bit: - Protocol\Handler\livecall - No CLSID value found
  O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
  O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
  O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
  O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
  O18:64bit: - Protocol\Handler\msnim - No CLSID value found
  O18:64bit: - Protocol\Handler\sacore - No CLSID value found
  O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
  O18 - Protocol\Handler\dssrequest - No CLSID value found
  O18 - Protocol\Handler\gopher - No CLSID value found
  O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  [2011.11.09 21:07:06 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Akamai
  [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  [3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
  [56 C:\Windows\Fonts\*.tmp files -> C:\Windows\Fonts\*.tmp -> ]
  [9 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
  [65 C:\Windows\Internet Logs\*.tmp files -> C:\Windows\Internet Logs\*.tmp -> ]
  [2 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
  [1 C:\Windows\SoftwareDistribution\Download\339aec980b5c9414de1d9d4b33814d0a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\339aec980b5c9414de1d9d4b33814d0a\*.tmp -> ]
  [7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
  [7 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
  [84 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]
  [1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]
  [2011.05.10 16:38:00 | 000,040,960 | ---- | M] () -- C:\GENBHNHL.EXE
  [2011.05.10 16:38:00 | 000,339,968 | ---- | M] () -- C:\GFXPAK.EXE
  [2011.05.10 16:38:00 | 000,077,824 | ---- | M] () -- C:\IMPBIG.EXE
  @Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
  
  :services
  ICQ Service
  
  :reg
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "ISUSPM Startup"=-
  "Google Update"=-
  "Akamai NetSession Interface"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
  ""=-
  
  :files
  C:\Program Files (x86)\ICQ6Toolbar
  C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1071306001-177135528-4153119601-1001Core.job
  C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1071306001-177135528-4153119601-1001UA.job
  c:\program files (x86)\common files\akamai
  C:\Users\admin\AppData\Local\Akamai
  *crack* /s
  *keygen* /s
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

All processes killed
========== OTL ==========
Service Akamai stopped successfully!
Service Akamai deleted successfully!
c:\program files (x86)\common files\akamai/netsession_win_dac4cfd.dll moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{64d23501-5195-4224-9446-e2b0fb64e859} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64d23501-5195-4224-9446-e2b0fb64e859}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{91da5e8a-3318-4f8c-b67e-5964de3ab546} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\ not found.
File C:\Program Files (x86)\ZoneAlarm_Security\prxtbZone.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{9384bd4c-dd14-4be9-80f7-f6277511e4f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9384bd4c-dd14-4be9-80f7-f6277511e4f5}\ deleted successfully.
C:\Program Files (x86)\Hot_MP3\tbHot_.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{ce18769b-c7fa-42d2-860d-17c4662c70ad} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKU\S-1-5-21-1071306001-177135528-4153119601-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1071306001-177135528-4153119601-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1071306001-177135528-4153119601-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{9384bd4c-dd14-4be9-80f7-f6277511e4f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9384bd4c-dd14-4be9-80f7-f6277511e4f5}\ not found.
File C:\Program Files (x86)\Hot_MP3\tbHot_.dll not found.
Prefs.js: "http://www.mail.ru/" removed from browser.search.defaultenginename
Prefs.js: "ZoneAlarm Security Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://go.mail.ru/search?fr=fftb&utf8in&q=" removed from browser.search.defaulturl
Prefs.js: "mail.ru: Поиск в Интернете" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "http://go.mail.ru/search?utf8in=1&fr=fftbUFix&q=" removed from keyword.URL
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=8\ deleted successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults\preferences folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\skin folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale\en-US folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\content folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89} folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\defaults\preferences folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\defaults folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\chrome\content folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\chrome folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516} folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\META-INF folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\lib folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\defaults\preferences folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\defaults folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\components folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\skin\weather folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\skin\services folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\skin\currencies folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\skin folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\locale\ru-RU\sputnik folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\locale\ru-RU folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\locale folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\form folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\content\sputnik folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\content folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\searchplugin folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\modules folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\META-INF folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\defaults folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\chrome folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822} folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
Folder C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\ not found.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\rwe7uvgb.default\extensions\engine@conduit.com folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrchvsl.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8984B388-A5BB-4DF7-B274-77B879E179DB}\ deleted successfully.
C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9384bd4c-dd14-4be9-80f7-f6277511e4f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9384bd4c-dd14-4be9-80f7-f6277511e4f5}\ not found.
File C:\Program Files (x86)\Hot_MP3\tbHot_.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{09900DE8-1DCA-443F-9243-26FF581438AF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09900DE8-1DCA-443F-9243-26FF581438AF}\ deleted successfully.
File C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{9384bd4c-dd14-4be9-80f7-f6277511e4f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9384bd4c-dd14-4be9-80f7-f6277511e4f5}\ not found.
File C:\Program Files (x86)\Hot_MP3\tbHot_.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1071306001-177135528-4153119601-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\dssrequest\ deleted successfully.
File Protocol\Handler\dssrequest - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\sacore\ deleted successfully.
File Protocol\Handler\sacore - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\dssrequest\ not found.
File Protocol\Handler\dssrequest - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\gopher\ deleted successfully.
File Protocol\Handler\gopher - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
C:\Users\admin\AppData\Local\Akamai\Logs\dump folder moved successfully.
C:\Users\admin\AppData\Local\Akamai\Logs folder moved successfully.
C:\Users\admin\AppData\Local\Akamai\Languages folder moved successfully.
C:\Users\admin\AppData\Local\Akamai\Cache folder moved successfully.
C:\Users\admin\AppData\Local\Akamai folder moved successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1F14.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8120.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA572.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEB38.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF325.tmp folder deleted successfully.
C:\Windows\Fonts\~GLH0006.TMP deleted successfully.
C:\Windows\Fonts\~GLH0007.TMP deleted successfully.
C:\Windows\Fonts\~GLH000b.TMP deleted successfully.
C:\Windows\Fonts\~GLH000d.TMP deleted successfully.
C:\Windows\Fonts\~GLH0010.TMP deleted successfully.
C:\Windows\Fonts\~GLH0011.TMP deleted successfully.
C:\Windows\Fonts\~GLH0012.TMP deleted successfully.
C:\Windows\Fonts\~GLH0013.TMP deleted successfully.
C:\Windows\Fonts\~GLH0014.TMP deleted successfully.
C:\Windows\Fonts\~GLH0015.TMP deleted successfully.
C:\Windows\Fonts\~GLH0017.TMP deleted successfully.
C:\Windows\Fonts\~GLH0018.TMP deleted successfully.
C:\Windows\Fonts\~GLH0019.TMP deleted successfully.
C:\Windows\Fonts\~GLH001b.TMP deleted successfully.
C:\Windows\Fonts\~GLH001c.TMP deleted successfully.
C:\Windows\Fonts\~GLH001d.TMP deleted successfully.
C:\Windows\Fonts\~GLH001e.TMP deleted successfully.
C:\Windows\Fonts\~GLH001f.TMP deleted successfully.
C:\Windows\Fonts\~GLH0020.TMP deleted successfully.
C:\Windows\Fonts\~GLH0021.TMP deleted successfully.
C:\Windows\Fonts\~GLH0022.TMP deleted successfully.
C:\Windows\Fonts\~GLH0023.TMP deleted successfully.
C:\Windows\Fonts\~GLH0024.TMP deleted successfully.
C:\Windows\Fonts\~GLH0026.TMP deleted successfully.
C:\Windows\Fonts\~GLH0027.TMP deleted successfully.
C:\Windows\Fonts\~GLH0028.TMP deleted successfully.
C:\Windows\Fonts\~GLH0029.TMP deleted successfully.
C:\Windows\Fonts\~GLH002a.TMP deleted successfully.
C:\Windows\Fonts\~GLH002b.TMP deleted successfully.
C:\Windows\Fonts\~GLH002e.TMP deleted successfully.
C:\Windows\Fonts\~GLH0031.TMP deleted successfully.
C:\Windows\Fonts\~GLH0032.TMP deleted successfully.
C:\Windows\Fonts\~GLH0033.TMP deleted successfully.
C:\Windows\Fonts\~GLH0034.TMP deleted successfully.
C:\Windows\Fonts\~GLH0035.TMP deleted successfully.
C:\Windows\Fonts\~GLH0036.TMP deleted successfully.
C:\Windows\Fonts\~GLH0037.TMP deleted successfully.
C:\Windows\Fonts\~GLH0038.TMP deleted successfully.
C:\Windows\Fonts\~GLH0039.TMP deleted successfully.
C:\Windows\Fonts\~GLH003a.TMP deleted successfully.
C:\Windows\Fonts\~GLH003b.TMP deleted successfully.
C:\Windows\Fonts\~GLH003c.TMP deleted successfully.
C:\Windows\Fonts\~GLH003e.TMP deleted successfully.
C:\Windows\Fonts\~GLH0043.TMP deleted successfully.
C:\Windows\Fonts\~GLH0044.TMP deleted successfully.
C:\Windows\Fonts\~GLH0045.TMP deleted successfully.
C:\Windows\Fonts\~GLH004a.TMP deleted successfully.
C:\Windows\Fonts\~GLH004d.TMP deleted successfully.
C:\Windows\Fonts\~GLH004e.TMP deleted successfully.
C:\Windows\Fonts\~GLH004f.TMP deleted successfully.
C:\Windows\Fonts\~GLH0050.TMP deleted successfully.
C:\Windows\Fonts\~GLH0051.TMP deleted successfully.
C:\Windows\Fonts\~GLH0055.TMP deleted successfully.
C:\Windows\Fonts\~GLH0056.TMP deleted successfully.
C:\Windows\Fonts\~GLH0057.TMP deleted successfully.
C:\Windows\Fonts\~GLH0058.TMP deleted successfully.
C:\Windows\Installer\MSI21D7.tmp deleted successfully.
C:\Windows\Installer\MSI32D4.tmp deleted successfully.
C:\Windows\Installer\MSI34B7.tmp deleted successfully.
C:\Windows\Installer\MSI5592.tmp deleted successfully.
C:\Windows\Installer\MSI6C8D.tmp deleted successfully.
C:\Windows\Installer\MSI7E19.tmp deleted successfully.
C:\Windows\Installer\MSI9B7.tmp deleted successfully.
C:\Windows\Installer\MSIB38.tmp deleted successfully.
C:\Windows\Installer\MSID592.tmp deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltBF8C.tmp deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltFA2B.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\339aec980b5c9414de1d9d4b33814d0a\BITCAE2.tmp deleted successfully.
C:\Windows\System32\ConduitEngine.tmp deleted successfully.
C:\Windows\System32\RENDDEA.tmp deleted successfully.
C:\Windows\System32\suf7330.tmp deleted successfully.
C:\Windows\System32\tmpB404.tmp deleted successfully.
C:\Windows\System32\tmpB405.tmp deleted successfully.
C:\Windows\System32\tmpC10E.tmp deleted successfully.
C:\Windows\System32\tmpC10F.tmp deleted successfully.
C:\Windows\temp\Cab2240.tmp deleted successfully.
C:\Windows\temp\Cab29E.tmp deleted successfully.
C:\Windows\temp\Cab2EC.tmp deleted successfully.
C:\Windows\temp\Cab383E.tmp deleted successfully.
C:\Windows\temp\Cab3E.tmp deleted successfully.
C:\Windows\temp\Cab7DC.tmp deleted successfully.
C:\Windows\temp\Cab888.tmp deleted successfully.
C:\Windows\temp\Cab9F89.tmp deleted successfully.
C:\Windows\temp\CabA082.tmp deleted successfully.
C:\Windows\temp\CabAA19.tmp deleted successfully.
C:\Windows\temp\CabAC93.tmp deleted successfully.
C:\Windows\temp\CabBA87.tmp deleted successfully.
C:\Windows\temp\CabC235.tmp deleted successfully.
C:\Windows\temp\CabC30F.tmp deleted successfully.
C:\Windows\temp\CabC541.tmp deleted successfully.
C:\Windows\temp\CabC7A1.tmp deleted successfully.
C:\Windows\temp\CabCA02.tmp deleted successfully.
C:\Windows\temp\CabCFEC.tmp deleted successfully.
C:\Windows\temp\CabD70D.tmp deleted successfully.
C:\Windows\temp\CabD87.tmp deleted successfully.
C:\Windows\temp\CabD97C.tmp deleted successfully.
C:\Windows\temp\CabDE8B.tmp deleted successfully.
C:\Windows\temp\CabE9B2.tmp deleted successfully.
C:\Windows\temp\CabEA3E.tmp deleted successfully.
C:\Windows\temp\CabEA9C.tmp deleted successfully.
C:\Windows\temp\CabEBF3.tmp deleted successfully.
C:\Windows\temp\CabF305.tmp deleted successfully.
C:\Windows\temp\CabF4AA.tmp deleted successfully.
C:\Windows\temp\CabF4C9.tmp deleted successfully.
C:\Windows\temp\CabF566.tmp deleted successfully.
C:\Windows\temp\CabFD90.tmp deleted successfully.
C:\Windows\temp\SPL5EB2.tmp deleted successfully.
C:\Windows\temp\SPL60B6.tmp deleted successfully.
C:\Windows\temp\SPL645F.tmp deleted successfully.
C:\Windows\temp\SPL675C.tmp deleted successfully.
C:\Windows\temp\SPL83F9.tmp deleted successfully.
C:\Windows\temp\SPL8496.tmp deleted successfully.
C:\Windows\temp\SPL84C6.tmp deleted successfully.
C:\Windows\temp\SPL8563.tmp deleted successfully.
C:\Windows\temp\SPL907B.tmp deleted successfully.
C:\Windows\temp\SPL9608.tmp deleted successfully.
C:\Windows\temp\SPL9A3D.tmp deleted successfully.
C:\Windows\temp\SPL9CFC.tmp deleted successfully.
C:\Windows\temp\SPLBDE5.tmp deleted successfully.
C:\Windows\temp\SPLBE91.tmp deleted successfully.
C:\Windows\temp\SPLBFCA.tmp deleted successfully.
C:\Windows\temp\SPLC0F4.tmp deleted successfully.
C:\Windows\temp\Tar2241.tmp deleted successfully.
C:\Windows\temp\Tar29F.tmp deleted successfully.
C:\Windows\temp\Tar2ED.tmp deleted successfully.
C:\Windows\temp\Tar383F.tmp deleted successfully.
C:\Windows\temp\Tar3F.tmp deleted successfully.
C:\Windows\temp\Tar7DD.tmp deleted successfully.
C:\Windows\temp\Tar889.tmp deleted successfully.
C:\Windows\temp\Tar9F99.tmp deleted successfully.
C:\Windows\temp\TarA083.tmp deleted successfully.
C:\Windows\temp\TarAA1A.tmp deleted successfully.
C:\Windows\temp\TarAC94.tmp deleted successfully.
C:\Windows\temp\TarBA88.tmp deleted successfully.
C:\Windows\temp\TarC236.tmp deleted successfully.
C:\Windows\temp\TarC310.tmp deleted successfully.
C:\Windows\temp\TarC542.tmp deleted successfully.
C:\Windows\temp\TarC7A2.tmp deleted successfully.
C:\Windows\temp\TarCA03.tmp deleted successfully.
C:\Windows\temp\TarCFED.tmp deleted successfully.
C:\Windows\temp\TarD73C.tmp deleted successfully.
C:\Windows\temp\TarD88.tmp deleted successfully.
C:\Windows\temp\TarD97D.tmp deleted successfully.
C:\Windows\temp\TarDE8C.tmp deleted successfully.
C:\Windows\temp\TarE9B3.tmp deleted successfully.
C:\Windows\temp\TarEA3F.tmp deleted successfully.
C:\Windows\temp\TarEA9D.tmp deleted successfully.
C:\Windows\temp\TarEBF4.tmp deleted successfully.
C:\Windows\temp\TarF306.tmp deleted successfully.
C:\Windows\temp\TarF4AB.tmp deleted successfully.
C:\Windows\temp\TarF4E9.tmp deleted successfully.
C:\Windows\temp\TarF567.tmp deleted successfully.
C:\Windows\temp\TarFDA0.tmp deleted successfully.
C:\Windows\temp\ZLT005b0.TMP deleted successfully.
File delete failed. C:\Windows\temp\ZLT014c8.TMP scheduled to be deleted on reboot.
C:\Windows\temp\ZLT01516.TMP deleted successfully.
C:\Windows\temp\ZLT01f48.TMP deleted successfully.
C:\Windows\temp\ZLT02cfe.TMP deleted successfully.
C:\Windows\temp\ZLT0316b.TMP deleted successfully.
C:\Windows\temp\ZLT04c9e.TMP deleted successfully.
C:\Windows\temp\ZLT05368.TMP deleted successfully.
C:\Windows\temp\ZLT05917.TMP deleted successfully.
C:\Windows\temp\ZLT05b67.TMP deleted successfully.
C:\Windows\temp\ZLT05d7e.TMP deleted successfully.
C:\Windows\temp\ZLT05e6a.TMP deleted successfully.
C:\Windows\temp\ZLT063dd.TMP deleted successfully.
C:\Windows\temp\ZLT06837.TMP deleted successfully.
C:\Windows\temp\ZLT069e7.TMP deleted successfully.
C:\Windows\temp\ZLT07b8a.TMP deleted successfully.
C:\Windows\temp\ZLT07bd0.TMP deleted successfully.
C:\Windows\twain_32\hpqgnds2.tmp deleted successfully.
C:\GENBHNHL.EXE moved successfully.
C:\GFXPAK.EXE moved successfully.
C:\IMPBIG.EXE moved successfully.
ADS C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
========== SERVICES/DRIVERS ==========
Error: No service named ICQ Service was found to stop!
Service\Driver key ICQ Service not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM Startup deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\\ deleted successfully.
========== FILES ==========
C:\Program Files (x86)\ICQ6Toolbar folder moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1071306001-177135528-4153119601-1001Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1071306001-177135528-4153119601-1001UA.job moved successfully.
c:\program files (x86)\common files\Akamai\Logs\dump folder moved successfully.
c:\program files (x86)\common files\Akamai\Logs folder moved successfully.
c:\program files (x86)\common files\Akamai\Languages folder moved successfully.
c:\program files (x86)\common files\Akamai\Cache\csdstatic.cdn.ea.com\blackbox\u\f\nfswo\client\rel_5_593\trackshigh folder moved successfully.
c:\program files (x86)\common files\Akamai\Cache\csdstatic.cdn.ea.com\blackbox\u\f\nfswo\client\rel_5_593\tracks folder moved successfully.
c:\program files (x86)\common files\Akamai\Cache\csdstatic.cdn.ea.com\blackbox\u\f\nfswo\client\rel_5_593\en folder moved successfully.
c:\program files (x86)\common files\Akamai\Cache\csdstatic.cdn.ea.com\blackbox\u\f\nfswo\client\rel_5_593 folder moved successfully.
c:\program files (x86)\common files\Akamai\Cache\csdstatic.cdn.ea.com\blackbox\u\f\nfswo\client folder moved successfully.
c:\program files (x86)\common files\Akamai\Cache\csdstatic.cdn.ea.com\blackbox\u\f\nfswo folder moved successfully.
c:\program files (x86)\common files\Akamai\Cache\csdstatic.cdn.ea.com\blackbox\u\f folder moved successfully.
c:\program files (x86)\common files\Akamai\Cache\csdstatic.cdn.ea.com\blackbox\u folder moved successfully.
c:\program files (x86)\common files\Akamai\Cache\csdstatic.cdn.ea.com\blackbox folder moved successfully.
c:\program files (x86)\common files\Akamai\Cache\csdstatic.cdn.ea.com folder moved successfully.
c:\program files (x86)\common files\Akamai\Cache folder moved successfully.
c:\program files (x86)\common files\Akamai folder moved successfully.
File\Folder C:\Users\admin\AppData\Local\Akamai not found.
File move failed. \Users\admin\AppData\Roaming\Microsoft\Windows\Recent\Battlefield 3 Crack.lnk scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\Microsoft\Windows\Recent\Monster.Trucks.Nitro.v2.1.0.Cracked.lnk scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Alcohol 120% All Version Crack.rar.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Alcohol_120__1.9.8.7612(Windows 7)_+_crack.rar.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Battlefield 3 Crack.rar.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Battlefield.3.CRACK.ONLY-RELOADED.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Dirt 3 -Crack Only.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Dirt.3 SKIDROW - Crack Only.1.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Dirt.3 SKIDROW - Crack Only.2.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Dirt.3 SKIDROW - Crack Only.3.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Dirt.3 SKIDROW - Crack Only.rar.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Dirt.3 SKIDROW - Crack Only.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Euro Truck Simulator 2008 - Crack Only.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Farming Simulator 2011 no cd-crack - incl Keys.rar.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\FEAR.3-SKIDROW-CrackOnly.rar.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Mafia.II.Crack.Only-SKIDROW.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\McAfee AntiVirus Plus 2011 FULL no key no crack needed.zip.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Need For Speed world crack & keys.rar.1.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Need For Speed world crack & keys.rar.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.1.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.2.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.3.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\NEED.FOR.SPEED.UNDERGROUND+NO-CD.CRACK+PATCH+KEY.1.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\NEED.FOR.SPEED.UNDERGROUND+NO-CD.CRACK+PATCH+KEY.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\NeedForSpeedWorld Crack .zip.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\PC_GAME_Caesar_4_ENG+Crack.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\PES 11 Crack Only-RELOADED.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\RegCure 3.0.2 Software + Crack.1.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\RegCure 3.0.2 Software + Crack.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\test drive. unlimited 1.66 a crack - hatred.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Virtua.Tennis.2009.CRACK.ONLY.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\WinRAR 3.93+Crack (x64).zip.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\ConvertXtoDVD 3.3.4.106e And Keygen [1337x].1.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\ConvertXtoDVD 3.3.4.106e And Keygen [1337x].torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.1.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.2.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.3.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Super MP3 Download 4.6.8.8 - Keygen.rar.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\TrackMania United Forever - KeyGen.exe.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\TrackMania.United.Forever + keygen [ISO].torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\WOW CD Key Keygen.exe.1.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\WOW CD Key Keygen.exe.torrent scheduled to be moved on reboot.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: admin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 794028625 bytes
->Java cache emptied: 1434533 bytes
->FireFox cache emptied: 207706264 bytes
->Google Chrome cache emptied: 390056100 bytes
->Flash cache emptied: 98052 bytes

User: All Users

User: AppData
->Temp folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 1222495 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 56468 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3699534 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 1065038716 bytes

Total Files Cleaned = 2 349,00 mb


[EMPTYFLASH]

User: admin
->Flash cache emptied: 0 bytes

User: All Users

User: AppData

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Guest
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 11152011_195908

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\ZLT014c8.TMP not found!
File move failed. \Users\admin\AppData\Roaming\Microsoft\Windows\Recent\Battlefield 3 Crack.lnk scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\Microsoft\Windows\Recent\Monster.Trucks.Nitro.v2.1.0.Cracked.lnk scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Alcohol 120% All Version Crack.rar.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Alcohol_120__1.9.8.7612(Windows 7)_+_crack.rar.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Battlefield 3 Crack.rar.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Battlefield.3.CRACK.ONLY-RELOADED.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Dirt 3 -Crack Only.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Dirt.3 SKIDROW - Crack Only.1.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Dirt.3 SKIDROW - Crack Only.2.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Dirt.3 SKIDROW - Crack Only.3.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Dirt.3 SKIDROW - Crack Only.rar.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Dirt.3 SKIDROW - Crack Only.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Euro Truck Simulator 2008 - Crack Only.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Farming Simulator 2011 no cd-crack - incl Keys.rar.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\FEAR.3-SKIDROW-CrackOnly.rar.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Mafia.II.Crack.Only-SKIDROW.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\McAfee AntiVirus Plus 2011 FULL no key no crack needed.zip.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Need For Speed world crack & keys.rar.1.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Need For Speed world crack & keys.rar.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.1.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.2.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.3.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Need for Speed World Online Crack+Hack+KeyGen.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\NEED.FOR.SPEED.UNDERGROUND+NO-CD.CRACK+PATCH+KEY.1.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\NEED.FOR.SPEED.UNDERGROUND+NO-CD.CRACK+PATCH+KEY.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\NeedForSpeedWorld Crack .zip.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\PC_GAME_Caesar_4_ENG+Crack.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\PES 11 Crack Only-RELOADED.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\RegCure 3.0.2 Software + Crack.1.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\RegCure 3.0.2 Software + Crack.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\test drive. unlimited 1.66 a crack - hatred.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Virtua.Tennis.2009.CRACK.ONLY.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\WinRAR 3.93+Crack (x64).zip.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\ConvertXtoDVD 3.3.4.106e And Keygen [1337x].1.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\ConvertXtoDVD 3.3.4.106e And Keygen [1337x].torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\Super MP3 Download 4.6.8.8 - Keygen.rar.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\TrackMania United Forever - KeyGen.exe.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\TrackMania.United.Forever + keygen [ISO].torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\WOW CD Key Keygen.exe.1.torrent scheduled to be moved on reboot.
File move failed. \Users\admin\AppData\Roaming\uTorrent\WOW CD Key Keygen.exe.torrent scheduled to be moved on reboot.
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\rwe7uvgb.default\startupCache\startupCache.4.little moved successfully.
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\rwe7uvgb.default\Cache\_CACHE_001_ moved successfully.
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\rwe7uvgb.default\Cache\_CACHE_002_ moved successfully.
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\rwe7uvgb.default\Cache\_CACHE_003_ moved successfully.
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\rwe7uvgb.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\rwe7uvgb.default\urlclassifier3.sqlite moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Jak se chova PC

počítač se chová stejně, žádné změny, jen mám pořád problém s Avastem, když zadám hloubkovou analýzu, vždycky mi po cca 15 min skočí do blue screen...nevíte, kde je problém?

Avast odinstalujte, pak to prozente jeste removerem http://files.avast.com/files/eng/aswclear.exe

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

Zkuste jej nainstalovat znovu

pořád stejné, navíc začali mizet ikony z plochy..

Zabalte mi obsah slozky c:\windows\minidump a nekam uploadnete

složka je prázdná?!