Zdravím,
takže stal jsem se také obětí viru, který koluje na FB.
Projevuje se samovolným vyskakováním oken, s reklamními a FB aplikacemi.
Pokud to pomůže, kliknul jsem na totožný odkaz, jako zde již psal ve svém vlákně uživatel "shatterhand" , tento odkaz velmi vehementně koloval v několika příspěvcích mých přátel, tudíž vir je nejspíše už dobře rozšířen.
-----------------------------
Log s RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Vasek at 2012-01-14 11:04:39
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 208 GB (22%) free of 954 GB
Total RAM: 4094 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:05:32, on 14.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\AIDA64 Extreme Edition v1.70.1405 beta\aida64.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
C:\Program Files (x86)\Last.fm\LastFM.exe
C:\Program Files (x86)\EasyPHP-5.3.6.0\EasyPHP-5.3.6.0.exe
C:\PROGRA~2\EASYPH~1.0\Apache\bin\apache.exe
C:\PROGRA~2\EASYPH~1.0\MySql\bin\mysqld.exe
C:\PROGRA~2\EASYPH~1.0\Apache\bin\apache.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Users\Vasek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vasek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vasek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Vasek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vasek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Vasek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 87.117.135.86:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Vasek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AdobeBridge] "C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe" -stealth
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Arp Intelligent Protection Service (AIPS) - Arcai.com - C:\Program Files (x86)\netcut\services\AIPS.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GtDetectSc Service (gtdetectsc) - OptionNV - C:\Windows\SysWOW64\gtdetectsc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\Windows\SysWOW64\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\Windows\SysWOW64\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\Windows\SysWOW64\lktsrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\Windows\SysWOW64\nisvcloc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13029 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG10\avgchsva.exe /boot
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files (x86)\netcut\services\AIPS.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\SysWOW64\ASDR.exe
"C:\Program Files (x86)\AVG\AVG10\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\SysWOW64\gtdetectsc.exe
C:\Windows\system32\svchost.exe -k bthaudiosvc
C:\Windows\SysWOW64\lkcitdl.exe
C:\Windows\SysWOW64\lkads.exe
C:\Windows\SysWOW64\lktsrv.exe
"C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe"
C:\Windows\SysWOW64\nisvcloc.exe -s
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe"
"C:\Program Files (x86)\AVG\AVG10\avgam.exe"
"C:\Program Files (x86)\AVG\AVG10\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG10\avgemca.exe"
\??\C:\Windows\system32\conhost.exe "-153076452214077952413731690013340128091745454707-91901887611296920422144675369
WLIDSvcM.exe 2396
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe /pipeName=5f546f22-9780-4a14-827f-fe33292f9f75 /coreSdkOptions=18 /logConfFile="C:\ProgramData\AVG10\temp\f506382a-05cd-4967-942b-fd22b4321431-aa0-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG10\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg10" /tempPath="C:\ProgramData\AVG10\temp\"
atieclxx
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe" /start
"C:\Program Files (x86)\netcut\netcut.exe"
taskeng.exe {5494DA9E-D9DF-4715-8AA2-7A5859D29BF7}
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe" nostartupscreen
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\AVG\AVG10\avgtray.exe"
"C:\Program Files (x86)\AIDA64 Extreme Edition v1.70.1405 beta\aida64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe /pipeName=16448c43-0b75-4976-971a-764bed741342 /coreSdkOptions=30 /logConfFile="C:\ProgramData\AVG10\temp\54ec114f-2def-4322-828b-a628e978fa52-17b4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG10\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg10" /tempPath="C:\ProgramData\AVG10\temp\"
"C:\Program Files (x86)\Last.fm\LastFM.exe" --tray
"C:\Program Files (x86)\EasyPHP-5.3.6.0\EasyPHP-5.3.6.0.exe"
C:\PROGRA~2\EASYPH~1.0\Apache\bin\apache.exe
\??\C:\Windows\system32\conhost.exe "-10629550584486981912013734199668653681791479368-783748988-267286117-392587205
C:\PROGRA~2\EASYPH~1.0\MySql\bin\mysqld.exe --defaults-file="C:\PROGRA~2\EASYPH~1.0\MySql\my.ini" --language=english
C:\PROGRA~2\EASYPH~1.0\Apache\bin\apache.exe -d "C:/Program Files (x86)/EasyPHP-5.3.6.0/apache"
"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Users\Vasek\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Vasek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/UmaControlB/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderFromOmniboxHeuristic/ExactFullAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --extension-process --enable-print-preview --channel=7280.03FA1540.789339212 /prefetch:3
"C:\Users\Vasek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll" --lang=cs --channel=7280.03F51B90.1791773335 /prefetch:4
C:\Windows\system32\rundll32.exe "C:\Users\Vasek\AppData\Local\Google\Chrome\APPLIC~1\170963~1.33\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Vasek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\gcswf32.dll" --lang=cs --channel=7280.03F51780.216792650 --flash-broker=9200 /prefetch:4
"C:\Users\Vasek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/UmaControlB/Prefetch/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderFromOmniboxHeuristic/ExactFullAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndDynamic/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --enable-print-preview --channel=7280.0B99B000.1878419582 /prefetch:3
"C:\Users\Vasek\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\AutoKMSDaily.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3462720487-3478806260-676090027-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3462720487-3478806260-676090027-1000UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Vasek\AppData\Roaming\Mozilla\Firefox\Profiles\1f95ao1e.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
NPLV80Win32.dll
NPLV82Win32.dll
nppdf32.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Vasek\AppData\Roaming\Mozilla\Firefox\Profiles\1f95ao1e.default\extensions\
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll [2011-09-09 3561824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssie.dll [2011-09-09 2276704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-02 11545192]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Google Update"=C:\Users\Vasek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-10 136176]
"AdobeBridge"=C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe [2010-03-09 11989960]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2011-12-15 1242448]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Vasek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-10 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.5\ICQ.exe [2011-08-01 124480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-07-21 17357448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-01-07 253672]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-07 343168]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2011-09-10 2338656]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-01-14 11:04:40 ----D---- C:\Program Files\trend micro
2012-01-14 11:04:39 ----D---- C:\rsit
2012-01-12 21:38:08 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2012-01-12 21:11:11 ----DC---- C:\Windows\system32\DRVSTORE
2012-01-12 21:11:11 ----A---- C:\Windows\system32\drivers\Lbd.sys
2012-01-12 21:11:02 ----D---- C:\ProgramData\Lavasoft
2012-01-12 21:11:02 ----D---- C:\Program Files (x86)\Lavasoft
2012-01-12 20:11:05 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-01-12 20:11:05 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2012-01-11 18:23:48 ----D---- C:\Program Files (x86)\PDF Unlocker
2012-01-11 18:13:16 ----D---- C:\Program Files (x86)\Kernel for PDF Restriction Removal
2012-01-11 17:58:45 ----D---- C:\Users\Vasek\AppData\Roaming\EurekaLog
2012-01-11 17:50:52 ----D---- C:\Users\Vasek\AppData\Roaming\pdf2image2009
2012-01-11 17:50:52 ----D---- C:\Program Files (x86)\PdfSvg
2012-01-11 16:21:01 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-01-11 16:21:01 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-01-11 16:21:01 ----A---- C:\Windows\system32\quartz.dll
2012-01-11 16:21:01 ----A---- C:\Windows\system32\qdvd.dll
2012-01-11 16:19:30 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-01-11 16:19:30 ----A---- C:\Windows\system32\ntdll.dll
2012-01-11 16:18:37 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-01-11 16:18:37 ----A---- C:\Windows\system32\packager.dll
2012-01-10 14:21:27 ----D---- C:\Program Files (x86)\netcut
2012-01-08 20:11:22 ----A---- C:\Windows\WORDPAD.INI
2012-01-07 17:22:10 ----D---- C:\Users\Vasek\AppData\Roaming\GemX eBooks
2012-01-06 15:29:41 ----D---- C:\Users\Vasek\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-12-23 20:46:53 ----D---- C:\Program Files (x86)\Counter-Strike Source
2011-12-23 17:18:42 ----D---- C:\Program Files (x86)\DotAlicious Gaming Client
2011-12-22 15:06:47 ----D---- C:\Program Files (x86)\KFPUB.COM
2011-12-21 18:52:46 ----A---- C:\Windows\ARPR.INI
2011-12-21 18:52:20 ----D---- C:\Program Files (x86)\ElcomSoft
2011-12-15 18:31:17 ----D---- C:\Program Files (x86)\Steam
2011-12-15 03:01:53 ----A---- C:\Windows\SYSWOW64\url.dll
2011-12-15 03:01:53 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-12-15 03:01:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-12-15 03:01:53 ----A---- C:\Windows\system32\url.dll
2011-12-15 03:01:53 ----A---- C:\Windows\system32\mshtmled.dll
2011-12-15 03:01:53 ----A---- C:\Windows\system32\iertutil.dll
2011-12-15 03:01:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-12-15 03:01:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-12-15 03:01:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-12-15 03:01:52 ----A---- C:\Windows\system32\wininet.dll
2011-12-15 03:01:52 ----A---- C:\Windows\system32\urlmon.dll
2011-12-15 03:01:52 ----A---- C:\Windows\system32\jsproxy.dll
2011-12-15 03:01:52 ----A---- C:\Windows\system32\ieui.dll
2011-12-15 03:01:51 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-12-15 03:01:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-12-15 03:01:51 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-12-15 03:01:51 ----A---- C:\Windows\system32\jscript9.dll
2011-12-15 03:01:51 ----A---- C:\Windows\system32\jscript.dll
2011-12-15 03:01:50 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-12-15 03:01:49 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-12-15 03:01:49 ----A---- C:\Windows\system32\mshtml.dll
2011-12-15 03:01:48 ----A---- C:\Windows\system32\ieframe.dll
======List of files/folders modified in the last 1 month======
2012-01-14 11:05:31 ----D---- C:\Windows\Prefetch
2012-01-14 11:05:23 ----D---- C:\Windows\Temp
2012-01-14 11:04:40 ----RD---- C:\Program Files
2012-01-14 11:00:49 ----D---- C:\Windows\system32\drivers\AVG
2012-01-14 10:56:41 ----D---- C:\Windows\SysWOW64
2012-01-14 10:56:41 ----D---- C:\Windows\System32
2012-01-13 23:21:05 ----D---- C:\Users\Vasek\AppData\Roaming\AIMP3
2012-01-13 22:51:21 ----D---- C:\Windows\system32\FxsTmp
2012-01-13 17:24:26 ----D---- C:\Windows\system32\config
2012-01-13 17:10:54 ----SHD---- C:\System Volume Information
2012-01-13 16:30:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-01-13 15:06:38 ----HD---- C:\ProgramData
2012-01-12 22:40:40 ----D---- C:\Windows\system32\Tasks
2012-01-12 21:38:08 ----D---- C:\Windows\system32\drivers
2012-01-12 21:11:34 ----SHD---- C:\Windows\Installer
2012-01-12 21:11:11 ----D---- C:\Windows\system32\catroot
2012-01-12 21:11:02 ----RD---- C:\Program Files (x86)
2012-01-12 20:43:18 ----D---- C:\localhost
2012-01-12 03:20:26 ----D---- C:\Windows\winsxs
2012-01-12 03:18:18 ----D---- C:\Windows\ehome
2012-01-12 03:03:11 ----D---- C:\ProgramData\Microsoft Help
2012-01-12 03:01:10 ----A---- C:\Windows\system32\MRT.exe
2012-01-11 18:34:10 ----D---- C:\Users\Vasek\AppData\Roaming\PrimoPDF
2012-01-11 18:25:15 ----SD---- C:\Users\Vasek\AppData\Roaming\Microsoft
2012-01-11 18:04:59 ----D---- C:\Windows
2012-01-11 16:31:55 ----D---- C:\Windows\Microsoft.NET
2012-01-11 16:31:34 ----RSD---- C:\Windows\assembly
2012-01-11 16:13:35 ----D---- C:\Windows\system32\catroot2
2012-01-11 03:02:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-11 03:02:28 ----D---- C:\Windows\inf
2012-01-10 20:39:18 ----D---- C:\Need for Speed - The Run
2012-01-04 18:08:37 ----D---- C:\Windows\system32\wdi
2012-01-03 20:11:07 ----D---- C:\Users\Vasek\AppData\Roaming\vlc
2012-01-02 18:38:43 ----RSD---- C:\Windows\Fonts
2011-12-20 19:09:17 ----D---- C:\Windows\rescache
2011-12-15 18:31:21 ----D---- C:\Program Files (x86)\Common Files
2011-12-15 03:21:51 ----D---- C:\Windows\SYSWOW64\migration
2011-12-15 03:21:51 ----D---- C:\Program Files\Internet Explorer
2011-12-15 03:21:51 ----D---- C:\Program Files (x86)\Internet Explorer
2011-12-15 03:21:50 ----D---- C:\Windows\system32\migration
2011-12-15 03:01:28 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-12-15 03:01:28 ----D---- C:\Windows\system32\cs-CZ
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-03-16 37456]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2011-10-28 69376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2010-07-12 57696]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-01-07 304720]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-03-01 41552]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-04-04 377936]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-05-17 254528]
R1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys [2011-10-11 16384]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27136]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\AIDA64 Extreme Edition v1.70.1405 beta\kerneld.x64 [2011-05-09 27808]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-10-07 10207232]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-10-07 317952]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-05-27 118864]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 29264]
R3 BthAudioHF;BthAudioHF Service; C:\Windows\system32\DRIVERS\BthAudioHF.sys [2009-12-21 52224]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 csr_a2dp;Bluetooth AV Profile; C:\Windows\system32\drivers\bthav.sys [2009-12-21 78848]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-02 2536040]
R3 IOMap;IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [2010-09-14 23680]
R3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2012-01-12 17152]
R3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-06-25 35344]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-05-25 253728]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S2 cvintdrv;cvintdrv; C:\Windows\system32\drivers\cvintdrv.sys []
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-10-18 38424]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 pneteth;PdaNet Broadband; C:\Windows\system32\DRIVERS\pneteth.sys [2010-09-02 15360]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 24064]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVLAN60.sys [2007-12-03 24064]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUSB;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUSB.SYS [2010-11-20 41984]
S3 zghsdiag;ZTE General Handset Diagnostic Port; C:\Windows\system32\DRIVERS\zghsdiag.sys [2011-01-13 122624]
S3 zghsmdm;ZTE General Handset USB Modem Proprietary; C:\Windows\system32\DRIVERS\zghsmdm.sys [2011-01-13 122624]
S3 zghsnmea;ZTE General Handset NMEA Port; C:\Windows\system32\DRIVERS\zghsnmea.sys [2011-01-13 122624]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AIPS;Arp Intelligent Protection Service; C:\Program Files (x86)\netcut\services\AIPS.exe [2011-07-28 262144]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-10-07 204288]
R2 ASDR;ASDR; C:\Windows\SysWOW64\ASDR.exe [2009-07-27 61440]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2011-03-09 2708024]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-08-18 7390560]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 gtdetectsc;GtDetectSc Service; C:\Windows\SysWOW64\gtdetectsc.exe [2007-01-09 118784]
R2 HFGService;Handsfree Headset Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-10-28 2152152]
R2 LkCitadelServer;Lookout Citadel Server; C:\Windows\SysWOW64\lkcitdl.exe [2006-06-19 688190]
R2 lkClassAds;National Instruments PSP Server Locator; C:\Windows\SysWOW64\lkads.exe [2006-07-25 45056]
R2 lkTimeSync;National Instruments Time Synchronization; C:\Windows\SysWOW64\lktsrv.exe [2006-07-25 57344]
R2 NIDomainService;National Instruments Domain Service; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [2006-07-25 200704]
R2 niSvcLoc;NI Service Locator; C:\Windows\SysWOW64\nisvcloc.exe [2006-02-06 49152]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-12-07 75136]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-15 2280312]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-07-05 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
S3 NILM License Manager;NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2006-06-27 1007616]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-12 1255736]
S4 nvlccrwuwlnfkp;nvlccrwuwlnfkp; []
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Také FB virus
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Také FB virus
Zdravim a pekny den preji 
Odinstalujte doplnek pro Chrome s nazvem Google Chrome Rozšíření 1.0.1
Stahnete OTL (viz muj podpis) a ulozte jej na plochu
Odinstalujte doplnek pro Chrome s nazvem Google Chrome Rozšíření 1.0.1 Stahnete OTL (viz muj podpis) a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %SystemDrive%\PhysicalMBR.bin /md5 %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Také FB virus
OTL logfile created on: 14.1.2012 12:29:17 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Vasek\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 50,43% Memory free
8,00 Gb Paging File | 5,63 Gb Available in Paging File | 70,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 203,34 Gb Free Space | 21,83% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 70,16 Mb Free Space | 70,16% Space Free | Partition Type: NTFS
Drive G: | 153,28 Gb Total Space | 76,99 Gb Free Space | 50,23% Space Free | Partition Type: NTFS
Computer Name: VASEK-PC | User Name: Vasek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.01.14 12:27:57 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Vasek\Desktop\OTL.exe
PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.12.15 18:31:55 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011.12.07 17:53:51 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.09.10 05:28:50 | 002,338,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2011.08.18 00:33:06 | 007,390,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011.07.28 17:35:44 | 000,262,144 | ---- | M] (Arcai.com) -- C:\Program Files (x86)\netcut\services\aips.exe
PRC - [2011.05.09 21:18:46 | 003,177,608 | ---- | M] (FinalWire Ltd.) -- C:\Program Files (x86)\AIDA64 Extreme Edition v1.70.1405 beta\aida64.exe
PRC - [2011.04.15 10:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.03.09 18:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgfws.exe
PRC - [2011.02.10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011.02.08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2011.02.08 04:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgam.exe
PRC - [2011.01.20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.09 03:28:26 | 011,989,960 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe
PRC - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
PRC - [2009.07.27 10:13:28 | 000,061,440 | ---- | M] () -- C:\Windows\SysWOW64\ASDR.exe
PRC - [2007.01.09 15:11:20 | 000,118,784 | ---- | M] (OptionNV) -- C:\Windows\SysWOW64\Gtdetectsc.exe
PRC - [2006.07.25 17:28:16 | 000,200,704 | ---- | M] (National Instruments, Inc.) -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
PRC - [2006.07.25 17:28:10 | 000,057,344 | ---- | M] (National Instruments, Inc.) -- C:\Windows\SysWOW64\lktsrv.exe
PRC - [2006.07.25 17:28:02 | 000,045,056 | ---- | M] (National Instruments, Inc.) -- C:\Windows\SysWOW64\lkads.exe
PRC - [2006.06.19 14:01:52 | 000,688,190 | ---- | M] (National Instruments, Inc.) -- C:\Windows\SysWOW64\lkcitdl.exe
PRC - [2006.02.06 16:46:42 | 000,049,152 | ---- | M] (National Instruments Corp.) -- C:\Windows\SysWOW64\nisvcloc.exe
PRC - [2002.01.06 06:43:50 | 001,310,720 | ---- | M] (ASUSTeK Inc.) -- C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
========== Modules (No Company Name) ==========
MOD - [2012.01.11 11:35:34 | 000,429,040 | ---- | M] () -- C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\ppgooglenaclpluginchrome.dll
MOD - [2012.01.11 11:35:33 | 003,772,400 | ---- | M] () -- C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\pdf.dll
MOD - [2012.01.11 11:34:09 | 000,122,880 | ---- | M] () -- C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\avutil-51.dll
MOD - [2012.01.11 11:34:07 | 000,222,208 | ---- | M] () -- C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\avformat-53.dll
MOD - [2012.01.11 11:34:05 | 001,746,432 | ---- | M] () -- C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\avcodec-53.dll
MOD - [2012.01.11 08:13:34 | 008,593,056 | ---- | M] () -- C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\gcswf32.dll
MOD - [2012.01.10 18:30:32 | 014,410,024 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012.01.10 18:30:28 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2012.01.10 18:30:28 | 000,194,344 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012.01.10 18:30:28 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2012.01.10 18:30:28 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2011.05.09 21:18:46 | 000,274,552 | ---- | M] () -- C:\Program Files (x86)\AIDA64 Extreme Edition v1.70.1405 beta\aida_icons7.dll
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011.02.10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2010.03.09 03:28:12 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Symlib.dll
MOD - [2010.03.09 03:28:10 | 002,748,416 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\libmysqld.dll
MOD - [2007.03.13 15:46:50 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\ASUS\SmartDoctor\VOV32.dll
MOD - [2007.02.28 17:34:04 | 000,643,142 | ---- | M] () -- C:\Program Files (x86)\ASUS\SmartDoctor\aticlocklib.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.10.07 04:28:34 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.12.21 10:44:06 | 000,535,552 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Windows\SysNative\HFGService.dll -- (HFGService)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.07 17:53:51 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.10.28 19:35:26 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011.08.18 00:33:06 | 007,390,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011.07.28 17:35:44 | 000,262,144 | ---- | M] (Arcai.com) [Auto | Running] -- C:\Program Files (x86)\netcut\services\aips.exe -- (AIPS)
SRV - [2011.07.05 15:57:22 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.04.15 10:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.03.16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.03.09 18:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgfws.exe -- (avgfws)
SRV - [2011.02.08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010.06.25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.07.27 10:13:28 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ASDR.exe -- (ASDR)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.31 09:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.01.09 15:11:20 | 000,118,784 | ---- | M] (OptionNV) [Auto | Running] -- C:\Windows\SysWOW64\Gtdetectsc.exe -- (gtdetectsc)
SRV - [2006.07.25 17:28:16 | 000,200,704 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe -- (NIDomainService)
SRV - [2006.07.25 17:28:10 | 000,057,344 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\lktsrv.exe -- (lkTimeSync)
SRV - [2006.07.25 17:28:02 | 000,045,056 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\lkads.exe -- (lkClassAds)
SRV - [2006.06.27 19:55:28 | 001,007,616 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe -- (NILM License Manager)
SRV - [2006.06.19 14:01:52 | 000,688,190 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\lkcitdl.exe -- (LkCitadelServer)
SRV - [2006.02.06 16:46:42 | 000,049,152 | ---- | M] (National Instruments Corp.) [Auto | Running] -- C:\Windows\SysWOW64\nisvcloc.exe -- (niSvcLoc)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.10.28 19:35:28 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2011.10.11 15:41:45 | 000,016,384 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EIO64.sys -- (EIO64)
DRV:64bit: - [2011.10.07 06:21:40 | 010,207,232 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.10.07 03:46:02 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.05.27 18:05:26 | 000,118,864 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011.05.17 14:18:10 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.04.04 23:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011.03.16 15:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.01 13:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011.02.22 07:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011.02.10 06:53:34 | 000,029,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011.01.13 02:17:30 | 000,122,624 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zghsnmea.sys -- (zghsnmea)
DRV:64bit: - [2011.01.13 02:17:30 | 000,122,624 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zghsmdm.sys -- (zghsmdm)
DRV:64bit: - [2011.01.13 02:17:30 | 000,122,624 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zghsdiag.sys -- (zghsdiag)
DRV:64bit: - [2011.01.07 05:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.17 13:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.10.18 05:24:46 | 000,038,424 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\androidusb.sys -- (androidusb)
DRV:64bit: - [2010.09.14 15:21:00 | 000,023,680 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IOMap64.sys -- (IOMap)
DRV:64bit: - [2010.09.02 16:49:46 | 000,015,360 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pneteth.sys -- (pneteth)
DRV:64bit: - [2010.07.12 03:34:00 | 000,057,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2010.06.25 18:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010.05.25 04:07:58 | 000,253,728 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.12.21 10:43:36 | 000,052,224 | ---- | M] (CSR, plc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthAudioHF.sys -- (BthAudioHF)
DRV:64bit: - [2009.12.21 10:43:00 | 000,078,848 | ---- | M] (CSR, plc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bthav.sys -- (csr_a2dp)
DRV:64bit: - [2009.07.20 03:27:34 | 000,027,136 | ---- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.12.03 03:20:54 | 000,024,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN) Realtek Virtual Miniport Driver for VLAN (NDIS 6.2)
DRV:64bit: - [2007.12.03 03:20:54 | 000,024,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.2)
DRV - [2012.01.12 21:37:55 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2011.05.09 21:18:46 | 000,027,808 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AIDA64 Extreme Edition v1.70.1405 beta\kerneld.x64 -- (AIDA64Driver)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006.04.10 10:01:00 | 000,004,096 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWow64\drivers\cvintdrv.sys -- (cvintdrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3462720487-3478806260-676090027-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://start.facemoods.com/?a=ddrnw [binary data]
IE - HKU\S-1-5-21-3462720487-3478806260-676090027-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
IE - HKU\S-1-5-21-3462720487-3478806260-676090027-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3462720487-3478806260-676090027-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;127.0.0.1;<local>
IE - HKU\S-1-5-21-3462720487-3478806260-676090027-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 87.117.135.86:80
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vasek\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vasek\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2011.12.22 19:52:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.09.04 13:29:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.11 18:24:56 | 000,000,000 | ---D | M]
[2011.05.21 18:44:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vasek\AppData\Roaming\Mozilla\Extensions
[2011.11.28 19:43:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vasek\AppData\Roaming\Mozilla\Firefox\Profiles\1f95ao1e.default\extensions
[2011.11.28 19:43:04 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Vasek\AppData\Roaming\Mozilla\Firefox\Profiles\1f95ao1e.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.09.04 13:29:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.12.22 19:52:13 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG10\FIREFOX4
() (No name found) -- C:\USERS\VASEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1F95AO1E.DEFAULT\EXTENSIONS\{9C51BD27-6ED8-4000-A2BF-36CB95C0C947}.XPI
[2011.08.31 00:12:22 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2006.01.23 10:32:04 | 000,020,992 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\NPLV80Win32.dll
[2006.06.07 14:40:18 | 000,027,376 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\NPLV82Win32.dll
[2011.08.30 21:39:04 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2011.08.30 21:39:04 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.08.30 21:39:04 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.08.30 21:39:04 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.08.30 21:39:04 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U25 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: National Instruments LabVIEW 8.0 Netscape Plug-in for Windows (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPLV80Win32.dll
CHR - plugin: National Instruments LabVIEW 8.2 Netscape Plug-in for Windows (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPLV82Win32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = G:\PFiles\Plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Users\Vasek\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Angry Birds = C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: YouTube = C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Monster Dash = C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknghehebaconkajgiobncfleofebcog\2.2_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: AVG Safe Search = C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\
CHR - Extension: Stoup\u00E1n\u00ED nebo utopit! = C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoiaaaplodaeokegmjphakphcbmiip\1.2.0_0\
CHR - Extension: Gmail = C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-3462720487-3478806260-676090027-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3462720487-3478806260-676090027-1000..\Run: [AdobeBridge] C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe (Adobe Systems, Inc.)
O4 - HKU\S-1-5-21-3462720487-3478806260-676090027-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3462720487-3478806260-676090027-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-3462720487-3478806260-676090027-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3462720487-3478806260-676090027-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F484825-7EB7-43AF-851D-20FFC49F4F80}: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{84FF7315-8031-40CD-8E0C-2F8A745A513C}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2a094834-f11c-11e0-8732-00241d7db4a2}\Shell - "" = AutoRun
O33 - MountPoints2\{2a094834-f11c-11e0-8732-00241d7db4a2}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{3fd3982f-7b37-11e0-8418-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3fd3982f-7b37-11e0-8418-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Viewer\ppview32.exe agaxzs\auto.ppt
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.01.14 12:28:14 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Vasek\Desktop\OTL.exe
[2012.01.14 11:04:40 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.01.14 11:04:39 | 000,000,000 | ---D | C] -- C:\rsit
[2012.01.12 21:38:08 | 000,055,384 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2012.01.12 21:11:11 | 000,069,376 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2012.01.12 21:11:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.01.12 21:11:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2012.01.12 21:11:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012.01.12 21:11:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2012.01.12 20:11:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012.01.12 20:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.01.12 20:11:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.01.11 18:23:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Unlocker
[2012.01.11 18:23:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF Unlocker
[2012.01.11 18:13:30 | 000,000,000 | ---D | C] -- C:\Users\Vasek\Desktop\COMPUTER
[2012.01.11 18:13:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kernel for PDF Restriction Removal
[2012.01.11 18:13:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kernel for PDF Restriction Removal
[2012.01.11 17:58:45 | 000,000,000 | ---D | C] -- C:\Users\Vasek\AppData\Roaming\EurekaLog
[2012.01.11 17:50:53 | 000,000,000 | ---D | C] -- C:\Users\Vasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF to Image 2009
[2012.01.11 17:50:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PdfSvg
[2012.01.11 17:50:52 | 000,000,000 | ---D | C] -- C:\Users\Vasek\AppData\Roaming\pdf2image2009
[2012.01.11 16:21:01 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.01.11 16:21:01 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.01.11 16:21:01 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.01.11 16:21:01 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.01.11 16:19:30 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.11 16:18:37 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.01.11 16:18:37 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.01.10 14:21:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arcai.com
[2012.01.10 14:21:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\netcut
[2012.01.08 17:21:36 | 000,000,000 | ---D | C] -- C:\Users\Vasek\Desktop\pokec
[2012.01.07 17:39:19 | 000,000,000 | ---D | C] -- C:\Users\Vasek\Desktop\dog
[2012.01.07 17:22:10 | 000,000,000 | ---D | C] -- C:\Users\Vasek\AppData\Roaming\GemX eBooks
[2012.01.07 14:32:09 | 000,000,000 | ---D | C] -- C:\Users\Vasek\Desktop\nivo-slider
[2011.09.28 19:03:18 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Vasek\AppData\Roaming\pcouffin.sys
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.01.14 12:32:35 | 000,014,448 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.14 12:32:35 | 000,014,448 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.14 12:32:16 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.01.14 12:27:57 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Vasek\Desktop\OTL.exe
[2012.01.14 12:24:50 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.01.14 12:24:23 | 000,000,200 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012.01.14 12:24:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.14 12:24:15 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.14 11:10:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3462720487-3478806260-676090027-1000UA.job
[2012.01.14 11:03:51 | 000,002,044 | -H-- | M] () -- C:\Users\Vasek\Documents\Default.rdp
[2012.01.14 11:00:48 | 142,987,264 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012.01.13 20:06:40 | 000,620,824 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm
[2012.01.13 16:15:54 | 000,001,456 | ---- | M] () -- C:\Users\Vasek\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012.01.13 16:08:00 | 000,000,200 | ---- | M] () -- C:\Windows\tasks\AutoKMSDaily.job
[2012.01.13 14:26:41 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3462720487-3478806260-676090027-1000Core.job
[2012.01.12 21:38:01 | 000,055,384 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2012.01.12 21:11:12 | 000,001,060 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2012.01.12 20:11:10 | 000,001,258 | ---- | M] () -- C:\Users\Vasek\Desktop\Spybot - Search & Destroy.lnk
[2012.01.12 16:59:58 | 000,000,132 | ---- | M] () -- C:\Users\Vasek\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.01.11 18:13:16 | 000,001,209 | ---- | M] () -- C:\Users\Vasek\Desktop\Kernel for PDF Restriction Removal .lnk
[2012.01.11 17:50:54 | 000,001,154 | ---- | M] () -- C:\Users\Vasek\Desktop\PDF to Image 2009.lnk
[2012.01.11 16:36:08 | 046,757,781 | ---- | M] () -- C:\Users\Vasek\Desktop\Zdeněk-Schröter---Autoškola---Moderní-učebnice.pdf
[2012.01.11 03:02:29 | 001,498,544 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.11 03:02:29 | 000,634,568 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.01.11 03:02:29 | 000,618,974 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.11 03:02:29 | 000,123,158 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.01.11 03:02:29 | 000,107,294 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.10 14:21:28 | 000,000,979 | ---- | M] () -- C:\Users\Vasek\Desktop\netcut.lnk
[2012.01.10 14:21:28 | 000,000,046 | ---- | M] () -- C:\Users\Vasek\Desktop\netcut support.url
[2012.01.09 16:26:54 | 003,513,202 | ---- | M] () -- C:\Users\Vasek\Desktop\dan+zofka.iff
[2012.01.09 16:26:54 | 000,000,132 | ---- | M] () -- C:\Users\Vasek\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2012.01.09 16:19:05 | 001,313,316 | ---- | M] () -- C:\Users\Vasek\Desktop\DAN.jpg
[2012.01.08 20:11:22 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.01.14 12:32:16 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.01.14 12:24:50 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.01.12 21:11:12 | 000,001,060 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2012.01.12 20:11:10 | 000,001,258 | ---- | C] () -- C:\Users\Vasek\Desktop\Spybot - Search & Destroy.lnk
[2012.01.11 18:13:16 | 000,001,209 | ---- | C] () -- C:\Users\Vasek\Desktop\Kernel for PDF Restriction Removal .lnk
[2012.01.11 17:50:54 | 000,001,154 | ---- | C] () -- C:\Users\Vasek\Desktop\PDF to Image 2009.lnk
[2012.01.11 16:07:03 | 046,757,781 | ---- | C] () -- C:\Users\Vasek\Desktop\Zdeněk-Schröter---Autoškola---Moderní-učebnice.pdf
[2012.01.10 14:21:28 | 000,000,979 | ---- | C] () -- C:\Users\Vasek\Desktop\netcut.lnk
[2012.01.10 14:21:28 | 000,000,046 | ---- | C] () -- C:\Users\Vasek\Desktop\netcut support.url
[2012.01.10 14:21:27 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\actskn43.ocx
[2012.01.09 16:26:54 | 000,000,132 | ---- | C] () -- C:\Users\Vasek\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2012.01.09 16:26:53 | 003,513,202 | ---- | C] () -- C:\Users\Vasek\Desktop\dan+zofka.iff
[2012.01.09 16:19:04 | 001,313,316 | ---- | C] () -- C:\Users\Vasek\Desktop\DAN.jpg
[2012.01.08 20:11:22 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.12.21 18:52:46 | 000,000,918 | ---- | C] () -- C:\Windows\ARPR.INI
[2011.12.07 17:53:55 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.12.07 17:53:51 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.11.26 16:08:26 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2011.10.06 21:30:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.09.28 19:03:18 | 000,099,384 | ---- | C] () -- C:\Users\Vasek\AppData\Roaming\inst.exe
[2011.09.28 19:03:18 | 000,007,859 | ---- | C] () -- C:\Users\Vasek\AppData\Roaming\pcouffin.cat
[2011.09.28 19:03:18 | 000,001,167 | ---- | C] () -- C:\Users\Vasek\AppData\Roaming\pcouffin.inf
[2011.09.14 10:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.07.05 18:31:02 | 000,000,132 | ---- | C] () -- C:\Users\Vasek\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011.07.05 18:29:45 | 000,000,132 | ---- | C] () -- C:\Users\Vasek\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
[2011.06.08 17:42:40 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.06.06 19:30:01 | 000,000,132 | ---- | C] () -- C:\Users\Vasek\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.05.19 12:31:04 | 000,001,057 | ---- | C] () -- C:\Users\Vasek\AppData\Roaming\vso_ts_preview.xml
[2011.05.15 14:09:36 | 000,001,456 | ---- | C] () -- C:\Users\Vasek\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011.05.11 17:50:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.11.08 15:53:07 | 000,131,072 | ---- | C] () -- C:\Windows\SysWow64\mssec-ocd.dll
[2010.06.25 18:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009.12.21 02:42:18 | 000,000,326 | ---- | C] () -- C:\Windows\primopdf.ini
[2009.07.27 10:13:28 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\ASDR.exe
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.03.08 08:46:09 | 000,009,851 | ---- | C] () -- C:\Windows\SysWow64\mswen-oce.dll
[2006.04.10 10:00:00 | 000,004,096 | ---- | C] () -- C:\Windows\SysWow64\drivers\cvintdrv.sys
========== LOP Check ==========
[2011.10.12 15:21:10 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\2K Sports
[2011.07.19 15:31:20 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\AIMP
[2012.01.13 23:21:05 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\AIMP3
[2011.06.02 12:15:58 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Ashampoo
[2011.05.23 15:17:07 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\AVG10
[2012.01.06 15:29:41 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.06.14 19:04:55 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Crayon Physics Deluxe
[2011.07.27 09:26:55 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\DAEMON Tools Lite
[2011.10.19 17:25:59 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Dev-Cpp
[2012.01.11 17:58:45 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\EurekaLog
[2012.01.07 17:22:10 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\GemX eBooks
[2011.10.07 20:39:14 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\GHISLER
[2011.11.12 21:41:43 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\ICQ
[2011.06.26 14:47:29 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Leadertech
[2011.11.15 14:55:35 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\National Instruments
[2012.01.11 17:50:52 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\pdf2image2009
[2012.01.11 18:34:10 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\PrimoPDF
[2011.12.07 17:53:49 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\PunkBuster
[2011.11.15 17:05:49 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.05.11 19:54:17 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\TeamViewer
[2011.12.14 19:16:54 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Trine2
[2011.10.08 10:10:43 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Vso
[2011.09.04 13:46:39 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Wireshark
[2012.01.14 12:24:50 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2012.01.14 12:24:23 | 000,000,200 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012.01.13 16:08:00 | 000,000,200 | ---- | M] () -- C:\Windows\Tasks\AutoKMSDaily.job
[2011.08.31 11:15:21 | 000,032,598 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Vasek\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 50,43% Memory free
8,00 Gb Paging File | 5,63 Gb Available in Paging File | 70,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 203,34 Gb Free Space | 21,83% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 70,16 Mb Free Space | 70,16% Space Free | Partition Type: NTFS
Drive G: | 153,28 Gb Total Space | 76,99 Gb Free Space | 50,23% Space Free | Partition Type: NTFS
Computer Name: VASEK-PC | User Name: Vasek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.01.14 12:27:57 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Vasek\Desktop\OTL.exe
PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.12.15 18:31:55 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011.12.07 17:53:51 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.09.10 05:28:50 | 002,338,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2011.08.18 00:33:06 | 007,390,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011.07.28 17:35:44 | 000,262,144 | ---- | M] (Arcai.com) -- C:\Program Files (x86)\netcut\services\aips.exe
PRC - [2011.05.09 21:18:46 | 003,177,608 | ---- | M] (FinalWire Ltd.) -- C:\Program Files (x86)\AIDA64 Extreme Edition v1.70.1405 beta\aida64.exe
PRC - [2011.04.15 10:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.03.09 18:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgfws.exe
PRC - [2011.02.10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011.02.08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2011.02.08 04:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgam.exe
PRC - [2011.01.20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.09 03:28:26 | 011,989,960 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe
PRC - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
PRC - [2009.07.27 10:13:28 | 000,061,440 | ---- | M] () -- C:\Windows\SysWOW64\ASDR.exe
PRC - [2007.01.09 15:11:20 | 000,118,784 | ---- | M] (OptionNV) -- C:\Windows\SysWOW64\Gtdetectsc.exe
PRC - [2006.07.25 17:28:16 | 000,200,704 | ---- | M] (National Instruments, Inc.) -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
PRC - [2006.07.25 17:28:10 | 000,057,344 | ---- | M] (National Instruments, Inc.) -- C:\Windows\SysWOW64\lktsrv.exe
PRC - [2006.07.25 17:28:02 | 000,045,056 | ---- | M] (National Instruments, Inc.) -- C:\Windows\SysWOW64\lkads.exe
PRC - [2006.06.19 14:01:52 | 000,688,190 | ---- | M] (National Instruments, Inc.) -- C:\Windows\SysWOW64\lkcitdl.exe
PRC - [2006.02.06 16:46:42 | 000,049,152 | ---- | M] (National Instruments Corp.) -- C:\Windows\SysWOW64\nisvcloc.exe
PRC - [2002.01.06 06:43:50 | 001,310,720 | ---- | M] (ASUSTeK Inc.) -- C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
========== Modules (No Company Name) ==========
MOD - [2012.01.11 11:35:34 | 000,429,040 | ---- | M] () -- C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\ppgooglenaclpluginchrome.dll
MOD - [2012.01.11 11:35:33 | 003,772,400 | ---- | M] () -- C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\pdf.dll
MOD - [2012.01.11 11:34:09 | 000,122,880 | ---- | M] () -- C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\avutil-51.dll
MOD - [2012.01.11 11:34:07 | 000,222,208 | ---- | M] () -- C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\avformat-53.dll
MOD - [2012.01.11 11:34:05 | 001,746,432 | ---- | M] () -- C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\avcodec-53.dll
MOD - [2012.01.11 08:13:34 | 008,593,056 | ---- | M] () -- C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\gcswf32.dll
MOD - [2012.01.10 18:30:32 | 014,410,024 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012.01.10 18:30:28 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2012.01.10 18:30:28 | 000,194,344 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012.01.10 18:30:28 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2012.01.10 18:30:28 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2011.05.09 21:18:46 | 000,274,552 | ---- | M] () -- C:\Program Files (x86)\AIDA64 Extreme Edition v1.70.1405 beta\aida_icons7.dll
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011.02.10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2010.03.09 03:28:12 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Symlib.dll
MOD - [2010.03.09 03:28:10 | 002,748,416 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\libmysqld.dll
MOD - [2007.03.13 15:46:50 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\ASUS\SmartDoctor\VOV32.dll
MOD - [2007.02.28 17:34:04 | 000,643,142 | ---- | M] () -- C:\Program Files (x86)\ASUS\SmartDoctor\aticlocklib.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.10.07 04:28:34 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.12.21 10:44:06 | 000,535,552 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Windows\SysNative\HFGService.dll -- (HFGService)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.07 17:53:51 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.10.28 19:35:26 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011.08.18 00:33:06 | 007,390,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011.07.28 17:35:44 | 000,262,144 | ---- | M] (Arcai.com) [Auto | Running] -- C:\Program Files (x86)\netcut\services\aips.exe -- (AIPS)
SRV - [2011.07.05 15:57:22 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.04.15 10:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.03.16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.03.09 18:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgfws.exe -- (avgfws)
SRV - [2011.02.08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010.06.25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.07.27 10:13:28 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ASDR.exe -- (ASDR)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.31 09:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.01.09 15:11:20 | 000,118,784 | ---- | M] (OptionNV) [Auto | Running] -- C:\Windows\SysWOW64\Gtdetectsc.exe -- (gtdetectsc)
SRV - [2006.07.25 17:28:16 | 000,200,704 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe -- (NIDomainService)
SRV - [2006.07.25 17:28:10 | 000,057,344 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\lktsrv.exe -- (lkTimeSync)
SRV - [2006.07.25 17:28:02 | 000,045,056 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\lkads.exe -- (lkClassAds)
SRV - [2006.06.27 19:55:28 | 001,007,616 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe -- (NILM License Manager)
SRV - [2006.06.19 14:01:52 | 000,688,190 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\lkcitdl.exe -- (LkCitadelServer)
SRV - [2006.02.06 16:46:42 | 000,049,152 | ---- | M] (National Instruments Corp.) [Auto | Running] -- C:\Windows\SysWOW64\nisvcloc.exe -- (niSvcLoc)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.10.28 19:35:28 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2011.10.11 15:41:45 | 000,016,384 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EIO64.sys -- (EIO64)
DRV:64bit: - [2011.10.07 06:21:40 | 010,207,232 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.10.07 03:46:02 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.05.27 18:05:26 | 000,118,864 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011.05.17 14:18:10 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.04.04 23:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011.03.16 15:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.01 13:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011.02.22 07:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011.02.10 06:53:34 | 000,029,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011.01.13 02:17:30 | 000,122,624 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zghsnmea.sys -- (zghsnmea)
DRV:64bit: - [2011.01.13 02:17:30 | 000,122,624 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zghsmdm.sys -- (zghsmdm)
DRV:64bit: - [2011.01.13 02:17:30 | 000,122,624 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zghsdiag.sys -- (zghsdiag)
DRV:64bit: - [2011.01.07 05:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.17 13:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.10.18 05:24:46 | 000,038,424 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\androidusb.sys -- (androidusb)
DRV:64bit: - [2010.09.14 15:21:00 | 000,023,680 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IOMap64.sys -- (IOMap)
DRV:64bit: - [2010.09.02 16:49:46 | 000,015,360 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pneteth.sys -- (pneteth)
DRV:64bit: - [2010.07.12 03:34:00 | 000,057,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2010.06.25 18:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010.05.25 04:07:58 | 000,253,728 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.12.21 10:43:36 | 000,052,224 | ---- | M] (CSR, plc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthAudioHF.sys -- (BthAudioHF)
DRV:64bit: - [2009.12.21 10:43:00 | 000,078,848 | ---- | M] (CSR, plc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bthav.sys -- (csr_a2dp)
DRV:64bit: - [2009.07.20 03:27:34 | 000,027,136 | ---- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.12.03 03:20:54 | 000,024,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN) Realtek Virtual Miniport Driver for VLAN (NDIS 6.2)
DRV:64bit: - [2007.12.03 03:20:54 | 000,024,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.2)
DRV - [2012.01.12 21:37:55 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2011.05.09 21:18:46 | 000,027,808 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AIDA64 Extreme Edition v1.70.1405 beta\kerneld.x64 -- (AIDA64Driver)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006.04.10 10:01:00 | 000,004,096 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWow64\drivers\cvintdrv.sys -- (cvintdrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3462720487-3478806260-676090027-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://start.facemoods.com/?a=ddrnw [binary data]
IE - HKU\S-1-5-21-3462720487-3478806260-676090027-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
IE - HKU\S-1-5-21-3462720487-3478806260-676090027-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3462720487-3478806260-676090027-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;127.0.0.1;<local>
IE - HKU\S-1-5-21-3462720487-3478806260-676090027-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 87.117.135.86:80
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vasek\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vasek\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2011.12.22 19:52:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.09.04 13:29:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.11 18:24:56 | 000,000,000 | ---D | M]
[2011.05.21 18:44:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vasek\AppData\Roaming\Mozilla\Extensions
[2011.11.28 19:43:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vasek\AppData\Roaming\Mozilla\Firefox\Profiles\1f95ao1e.default\extensions
[2011.11.28 19:43:04 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Vasek\AppData\Roaming\Mozilla\Firefox\Profiles\1f95ao1e.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.09.04 13:29:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.12.22 19:52:13 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG10\FIREFOX4
() (No name found) -- C:\USERS\VASEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1F95AO1E.DEFAULT\EXTENSIONS\{9C51BD27-6ED8-4000-A2BF-36CB95C0C947}.XPI
[2011.08.31 00:12:22 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2006.01.23 10:32:04 | 000,020,992 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\NPLV80Win32.dll
[2006.06.07 14:40:18 | 000,027,376 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\NPLV82Win32.dll
[2011.08.30 21:39:04 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2011.08.30 21:39:04 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.08.30 21:39:04 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.08.30 21:39:04 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.08.30 21:39:04 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Vasek\AppData\Local\Google\Chrome\Application\17.0.963.33\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U25 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: National Instruments LabVIEW 8.0 Netscape Plug-in for Windows (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPLV80Win32.dll
CHR - plugin: National Instruments LabVIEW 8.2 Netscape Plug-in for Windows (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPLV82Win32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = G:\PFiles\Plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Users\Vasek\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Angry Birds = C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: YouTube = C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Monster Dash = C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknghehebaconkajgiobncfleofebcog\2.2_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: AVG Safe Search = C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\
CHR - Extension: Stoup\u00E1n\u00ED nebo utopit! = C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoiaaaplodaeokegmjphakphcbmiip\1.2.0_0\
CHR - Extension: Gmail = C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-3462720487-3478806260-676090027-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3462720487-3478806260-676090027-1000..\Run: [AdobeBridge] C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe (Adobe Systems, Inc.)
O4 - HKU\S-1-5-21-3462720487-3478806260-676090027-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3462720487-3478806260-676090027-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-3462720487-3478806260-676090027-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3462720487-3478806260-676090027-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F484825-7EB7-43AF-851D-20FFC49F4F80}: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{84FF7315-8031-40CD-8E0C-2F8A745A513C}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2a094834-f11c-11e0-8732-00241d7db4a2}\Shell - "" = AutoRun
O33 - MountPoints2\{2a094834-f11c-11e0-8732-00241d7db4a2}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{3fd3982f-7b37-11e0-8418-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3fd3982f-7b37-11e0-8418-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Viewer\ppview32.exe agaxzs\auto.ppt
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.01.14 12:28:14 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Vasek\Desktop\OTL.exe
[2012.01.14 11:04:40 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.01.14 11:04:39 | 000,000,000 | ---D | C] -- C:\rsit
[2012.01.12 21:38:08 | 000,055,384 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2012.01.12 21:11:11 | 000,069,376 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2012.01.12 21:11:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.01.12 21:11:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2012.01.12 21:11:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012.01.12 21:11:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2012.01.12 20:11:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012.01.12 20:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.01.12 20:11:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.01.11 18:23:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Unlocker
[2012.01.11 18:23:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF Unlocker
[2012.01.11 18:13:30 | 000,000,000 | ---D | C] -- C:\Users\Vasek\Desktop\COMPUTER
[2012.01.11 18:13:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kernel for PDF Restriction Removal
[2012.01.11 18:13:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kernel for PDF Restriction Removal
[2012.01.11 17:58:45 | 000,000,000 | ---D | C] -- C:\Users\Vasek\AppData\Roaming\EurekaLog
[2012.01.11 17:50:53 | 000,000,000 | ---D | C] -- C:\Users\Vasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF to Image 2009
[2012.01.11 17:50:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PdfSvg
[2012.01.11 17:50:52 | 000,000,000 | ---D | C] -- C:\Users\Vasek\AppData\Roaming\pdf2image2009
[2012.01.11 16:21:01 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.01.11 16:21:01 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.01.11 16:21:01 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.01.11 16:21:01 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.01.11 16:19:30 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.11 16:18:37 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.01.11 16:18:37 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.01.10 14:21:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arcai.com
[2012.01.10 14:21:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\netcut
[2012.01.08 17:21:36 | 000,000,000 | ---D | C] -- C:\Users\Vasek\Desktop\pokec
[2012.01.07 17:39:19 | 000,000,000 | ---D | C] -- C:\Users\Vasek\Desktop\dog
[2012.01.07 17:22:10 | 000,000,000 | ---D | C] -- C:\Users\Vasek\AppData\Roaming\GemX eBooks
[2012.01.07 14:32:09 | 000,000,000 | ---D | C] -- C:\Users\Vasek\Desktop\nivo-slider
[2011.09.28 19:03:18 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Vasek\AppData\Roaming\pcouffin.sys
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.01.14 12:32:35 | 000,014,448 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.14 12:32:35 | 000,014,448 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.14 12:32:16 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.01.14 12:27:57 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Vasek\Desktop\OTL.exe
[2012.01.14 12:24:50 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.01.14 12:24:23 | 000,000,200 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012.01.14 12:24:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.14 12:24:15 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.14 11:10:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3462720487-3478806260-676090027-1000UA.job
[2012.01.14 11:03:51 | 000,002,044 | -H-- | M] () -- C:\Users\Vasek\Documents\Default.rdp
[2012.01.14 11:00:48 | 142,987,264 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012.01.13 20:06:40 | 000,620,824 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm
[2012.01.13 16:15:54 | 000,001,456 | ---- | M] () -- C:\Users\Vasek\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012.01.13 16:08:00 | 000,000,200 | ---- | M] () -- C:\Windows\tasks\AutoKMSDaily.job
[2012.01.13 14:26:41 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3462720487-3478806260-676090027-1000Core.job
[2012.01.12 21:38:01 | 000,055,384 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2012.01.12 21:11:12 | 000,001,060 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2012.01.12 20:11:10 | 000,001,258 | ---- | M] () -- C:\Users\Vasek\Desktop\Spybot - Search & Destroy.lnk
[2012.01.12 16:59:58 | 000,000,132 | ---- | M] () -- C:\Users\Vasek\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.01.11 18:13:16 | 000,001,209 | ---- | M] () -- C:\Users\Vasek\Desktop\Kernel for PDF Restriction Removal .lnk
[2012.01.11 17:50:54 | 000,001,154 | ---- | M] () -- C:\Users\Vasek\Desktop\PDF to Image 2009.lnk
[2012.01.11 16:36:08 | 046,757,781 | ---- | M] () -- C:\Users\Vasek\Desktop\Zdeněk-Schröter---Autoškola---Moderní-učebnice.pdf
[2012.01.11 03:02:29 | 001,498,544 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.11 03:02:29 | 000,634,568 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.01.11 03:02:29 | 000,618,974 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.11 03:02:29 | 000,123,158 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.01.11 03:02:29 | 000,107,294 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.10 14:21:28 | 000,000,979 | ---- | M] () -- C:\Users\Vasek\Desktop\netcut.lnk
[2012.01.10 14:21:28 | 000,000,046 | ---- | M] () -- C:\Users\Vasek\Desktop\netcut support.url
[2012.01.09 16:26:54 | 003,513,202 | ---- | M] () -- C:\Users\Vasek\Desktop\dan+zofka.iff
[2012.01.09 16:26:54 | 000,000,132 | ---- | M] () -- C:\Users\Vasek\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2012.01.09 16:19:05 | 001,313,316 | ---- | M] () -- C:\Users\Vasek\Desktop\DAN.jpg
[2012.01.08 20:11:22 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.01.14 12:32:16 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.01.14 12:24:50 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.01.12 21:11:12 | 000,001,060 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2012.01.12 20:11:10 | 000,001,258 | ---- | C] () -- C:\Users\Vasek\Desktop\Spybot - Search & Destroy.lnk
[2012.01.11 18:13:16 | 000,001,209 | ---- | C] () -- C:\Users\Vasek\Desktop\Kernel for PDF Restriction Removal .lnk
[2012.01.11 17:50:54 | 000,001,154 | ---- | C] () -- C:\Users\Vasek\Desktop\PDF to Image 2009.lnk
[2012.01.11 16:07:03 | 046,757,781 | ---- | C] () -- C:\Users\Vasek\Desktop\Zdeněk-Schröter---Autoškola---Moderní-učebnice.pdf
[2012.01.10 14:21:28 | 000,000,979 | ---- | C] () -- C:\Users\Vasek\Desktop\netcut.lnk
[2012.01.10 14:21:28 | 000,000,046 | ---- | C] () -- C:\Users\Vasek\Desktop\netcut support.url
[2012.01.10 14:21:27 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\actskn43.ocx
[2012.01.09 16:26:54 | 000,000,132 | ---- | C] () -- C:\Users\Vasek\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2012.01.09 16:26:53 | 003,513,202 | ---- | C] () -- C:\Users\Vasek\Desktop\dan+zofka.iff
[2012.01.09 16:19:04 | 001,313,316 | ---- | C] () -- C:\Users\Vasek\Desktop\DAN.jpg
[2012.01.08 20:11:22 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.12.21 18:52:46 | 000,000,918 | ---- | C] () -- C:\Windows\ARPR.INI
[2011.12.07 17:53:55 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.12.07 17:53:51 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.11.26 16:08:26 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2011.10.06 21:30:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.09.28 19:03:18 | 000,099,384 | ---- | C] () -- C:\Users\Vasek\AppData\Roaming\inst.exe
[2011.09.28 19:03:18 | 000,007,859 | ---- | C] () -- C:\Users\Vasek\AppData\Roaming\pcouffin.cat
[2011.09.28 19:03:18 | 000,001,167 | ---- | C] () -- C:\Users\Vasek\AppData\Roaming\pcouffin.inf
[2011.09.14 10:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.07.05 18:31:02 | 000,000,132 | ---- | C] () -- C:\Users\Vasek\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011.07.05 18:29:45 | 000,000,132 | ---- | C] () -- C:\Users\Vasek\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
[2011.06.08 17:42:40 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.06.06 19:30:01 | 000,000,132 | ---- | C] () -- C:\Users\Vasek\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.05.19 12:31:04 | 000,001,057 | ---- | C] () -- C:\Users\Vasek\AppData\Roaming\vso_ts_preview.xml
[2011.05.15 14:09:36 | 000,001,456 | ---- | C] () -- C:\Users\Vasek\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011.05.11 17:50:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.11.08 15:53:07 | 000,131,072 | ---- | C] () -- C:\Windows\SysWow64\mssec-ocd.dll
[2010.06.25 18:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009.12.21 02:42:18 | 000,000,326 | ---- | C] () -- C:\Windows\primopdf.ini
[2009.07.27 10:13:28 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\ASDR.exe
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.03.08 08:46:09 | 000,009,851 | ---- | C] () -- C:\Windows\SysWow64\mswen-oce.dll
[2006.04.10 10:00:00 | 000,004,096 | ---- | C] () -- C:\Windows\SysWow64\drivers\cvintdrv.sys
========== LOP Check ==========
[2011.10.12 15:21:10 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\2K Sports
[2011.07.19 15:31:20 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\AIMP
[2012.01.13 23:21:05 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\AIMP3
[2011.06.02 12:15:58 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Ashampoo
[2011.05.23 15:17:07 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\AVG10
[2012.01.06 15:29:41 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.06.14 19:04:55 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Crayon Physics Deluxe
[2011.07.27 09:26:55 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\DAEMON Tools Lite
[2011.10.19 17:25:59 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Dev-Cpp
[2012.01.11 17:58:45 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\EurekaLog
[2012.01.07 17:22:10 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\GemX eBooks
[2011.10.07 20:39:14 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\GHISLER
[2011.11.12 21:41:43 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\ICQ
[2011.06.26 14:47:29 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Leadertech
[2011.11.15 14:55:35 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\National Instruments
[2012.01.11 17:50:52 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\pdf2image2009
[2012.01.11 18:34:10 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\PrimoPDF
[2011.12.07 17:53:49 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\PunkBuster
[2011.11.15 17:05:49 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.05.11 19:54:17 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\TeamViewer
[2011.12.14 19:16:54 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Trine2
[2011.10.08 10:10:43 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Vso
[2011.09.04 13:46:39 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Wireshark
[2012.01.14 12:24:50 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2012.01.14 12:24:23 | 000,000,200 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012.01.13 16:08:00 | 000,000,200 | ---- | M] () -- C:\Windows\Tasks\AutoKMSDaily.job
[2011.08.31 11:15:21 | 000,032,598 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
Re: Také FB virus
Pokračování OTL.txt
< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[3 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.10.12 15:21:10 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\2K Sports
[2011.11.15 17:06:17 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Adobe
[2011.11.15 17:05:50 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Adobe Mini Bridge CS5
[2011.07.19 15:31:20 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\AIMP
[2012.01.13 23:21:05 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\AIMP3
[2011.06.02 12:15:58 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Ashampoo
[2011.05.11 17:51:15 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\ATI
[2011.05.23 15:17:07 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\AVG10
[2012.01.06 15:29:41 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.06.14 19:04:55 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Crayon Physics Deluxe
[2011.07.27 09:26:55 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\DAEMON Tools Lite
[2011.10.19 17:25:59 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Dev-Cpp
[2012.01.11 17:58:45 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\EurekaLog
[2012.01.07 17:22:10 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\GemX eBooks
[2011.10.07 20:39:14 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\GHISLER
[2011.11.12 21:41:43 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\ICQ
[2011.05.10 20:04:21 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Identities
[2011.06.26 14:47:29 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Leadertech
[2011.05.10 20:37:37 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Macromedia
[2009.07.14 16:36:58 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Media Center Programs
[2012.01.11 18:25:15 | 000,000,000 | --SD | M] -- C:\Users\Vasek\AppData\Roaming\Microsoft
[2011.05.21 18:44:32 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Mozilla
[2011.11.15 14:55:35 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\National Instruments
[2012.01.11 17:50:52 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\pdf2image2009
[2012.01.11 18:34:10 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\PrimoPDF
[2011.10.07 20:39:15 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\PSpad
[2011.12.07 17:53:49 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\PunkBuster
[2011.12.14 19:10:05 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Skype
[2011.11.15 17:05:49 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.05.11 19:54:17 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\TeamViewer
[2011.12.14 19:16:54 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Trine2
[2012.01.03 20:11:07 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\vlc
[2011.10.08 10:10:43 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Vso
[2011.05.10 21:04:04 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\WinRAR
[2011.09.04 13:46:39 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Wireshark
< %APPDATA%\*.exe /s >
[2011.10.08 10:10:43 | 000,099,384 | ---- | M] () -- C:\Users\Vasek\AppData\Roaming\inst.exe
[2011.10.11 14:52:01 | 000,088,102 | R--- | M] () -- C:\Users\Vasek\AppData\Roaming\Microsoft\Installer\{BA45D6C9-AC93-288B-DC4C-D65A01A2ED02}\ARPPRODUCTICON.exe
[2011.10.18 20:47:26 | 003,123,272 | R--- | M] () -- C:\Users\Vasek\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
[2012.01.14 12:24:50 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2012.01.14 12:24:23 | 000,000,200 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012.01.13 16:08:00 | 000,000,200 | ---- | M] () -- C:\Windows\Tasks\AutoKMSDaily.job
[2012.01.13 14:26:41 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3462720487-3478806260-676090027-1000Core.job
[2012.01.14 11:10:00 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3462720487-3478806260-676090027-1000UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 14:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.01.20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd)
"Google Update" = "C:\Users\Vasek\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.05.10 20:20:49 | 000,136,176 | ---- | M] (Google Inc.)
"AdobeBridge" = "C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe" -stealth -- [2010.03.09 03:28:26 | 011,989,960 | ---- | M] (Adobe Systems, Inc.)
"Steam" = "C:\Program Files (x86)\Steam\Steam.exe" -silent -- [2011.12.15 18:31:55 | 001,242,448 | ---- | M] (Valve Corporation)
"SpybotSD TeaTimer" = C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe -- [2009.01.26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.01.14 12:32:16 | 000,000,512 | ---- | M] () MD5=4B73EB67DD6440818E44B73E3B58E95A -- C:\PhysicalMBR.bin
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2011.08.31 00:12:21 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=9089100A22856513CBF35E18C552D53F -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.07.11 10:07:36 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< *crack* /s >
[2005.07.07 20:22:11 | 000,000,100 | ---- | M] () -- \Program Files (x86)\Counter-Strike Source\cstrike\materials\concrete\prodwllecracked.vmt
[2005.07.07 20:22:12 | 000,174,968 | ---- | M] () -- \Program Files (x86)\Counter-Strike Source\cstrike\materials\concrete\prodwllecracked.vtf
[2012.01.11 17:58:35 | 000,000,848 | ---- | M] () -- \Users\Vasek\AppData\Roaming\Microsoft\Windows\Recent\A-PDF.Image.to.PDF.v4.3.3.Cracked.CRACKFiX.ONLY-REViSE.lnk
[2012.01.11 17:58:35 | 001,970,106 | ---- | M] () -- \Users\Vasek\Downloads\A-PDF.Image.to.PDF.v4.3.3.Cracked.CRACKFiX.ONLY-REViSE.rar
[2011.05.26 15:55:52 | 000,746,496 | ---- | M] () -- \Users\Vasek\Downloads\Dirt.3-SKIDROW-CRACK_ONLY.zip
[2011.05.16 21:21:19 | 005,479,706 | ---- | M] () -- \Users\Vasek\Downloads\free-smtp-server-2-58_incl_crack.zip
[2011.11.22 17:19:25 | 012,087,192 | ---- | M] () -- \Users\Vasek\Downloads\NFS_Run_2011_Crack_cestina.rar
[2011.01.26 16:27:08 | 023,608,758 | ---- | M] () -- \Users\Vasek\Music\HUDBA\Ramones\1992 - Mondo Bizarro\11. Cabbies on Crack.ape
[2010.01.13 16:04:34 | 006,950,185 | ---- | M] () -- \Users\Vasek\Music\HUDBA\Strung Out\1996 - Suburban Teenage Wasteland Blues\01. Firecracker.mp3
[2009.07.13 05:41:30 | 015,575,392 | ---- | M] () -- \Users\Vasek\Music\HUDBA\The Bouncing Souls\1997 - The Bouncing Souls\01. Cracked.flac
< *keygen* /s >
[2007.08.14 11:51:28 | 000,054,272 | ---- | M] () -- \Program Files (x86)\EA Sports\Madden NFL 08\keygen.exe
[2007.10.15 09:28:50 | 000,262,656 | ---- | M] () -- \Program Files (x86)\National Instruments\KeyGen.exe
[2012.01.11 17:53:45 | 000,000,798 | ---- | M] () -- \Users\Vasek\AppData\Roaming\Microsoft\Windows\Recent\PDF.To.Image.Converter.v2.0.WinALL.Incl.Keygen-ECLiPSE.lnk
[2011.07.12 06:07:23 | 000,108,748 | ---- | M] () -- \Users\Vasek\Downloads\Easy.CD-DA.Extractor.v10.0.3_KEYGEN+PATCH-FFF.zip
[2012.01.11 17:53:45 | 000,119,834 | ---- | M] () -- \Users\Vasek\Downloads\PDF.To.Image.Converter.v2.0.WinALL.Incl.Keygen-ECLiPSE.ZIP
[2011.05.19 12:30:02 | 019,808,149 | ---- | M] () -- \Users\Vasek\Downloads\vso-convertxtodvd-4-1-19-365-final-keygen-brd.rar
< *loader* /s >
[2007.09.28 10:09:34 | 000,001,749 | ---- | M] () -- \localhost\miniRS_v22\soubory\downloader.php
[2011.12.19 18:25:06 | 000,005,167 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\API-reference\namespace-Nette.Loaders.html
[2011.12.19 18:25:00 | 000,009,544 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\API-reference\Nette.Config.Loader.html
[2011.12.19 18:25:06 | 000,009,717 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\API-reference\Nette.Loaders.AutoLoader.html
[2011.12.19 18:25:06 | 000,040,293 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\API-reference\Nette.Loaders.NetteLoader.html
[2011.12.19 18:25:06 | 000,015,369 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\API-reference\Nette.Loaders.RobotLoader.html
[2011.12.19 18:25:00 | 000,020,636 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\API-reference\source-Config.Loader.php.html
[2011.12.19 18:25:06 | 000,013,829 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\API-reference\source-Loaders.AutoLoader.php.html
[2011.12.19 18:25:06 | 000,053,104 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\API-reference\source-Loaders.NetteLoader.php.html
[2011.12.19 18:25:06 | 000,051,266 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\API-reference\source-Loaders.RobotLoader.php.html
[2011.12.19 18:23:54 | 000,001,898 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\Nette\loader.php
[2011.12.19 18:23:06 | 000,003,381 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\Nette\Config\Loader.php
[2011.12.19 18:23:06 | 000,001,905 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\Nette\Loaders\AutoLoader.php
[2011.12.19 18:23:56 | 000,016,784 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\Nette\Loaders\NetteLoader.php
[2011.12.19 18:23:54 | 000,008,976 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\Nette\Loaders\RobotLoader.php
[2011.12.19 18:24:54 | 000,001,898 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\sandbox\libs\Nette\loader.php
[2011.12.19 18:24:54 | 000,003,381 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\sandbox\libs\Nette\Config\Loader.php
[2011.12.19 18:24:54 | 000,001,905 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\sandbox\libs\Nette\Loaders\AutoLoader.php
[2011.12.19 18:24:54 | 000,016,784 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\sandbox\libs\Nette\Loaders\NetteLoader.php
[2011.12.19 18:24:54 | 000,008,976 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\sandbox\libs\Nette\Loaders\RobotLoader.php
[2011.12.19 18:23:06 | 000,000,723 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\tests\Nette\Config\Configurator.robotLoader.phpt
[2011.12.19 18:23:06 | 000,000,776 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\tests\Nette\Config\Loader.error.phpt
[2011.12.19 18:23:06 | 000,000,890 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\tests\Nette\Config\Loader.include.phpt
[2011.12.19 18:23:06 | 000,000,410 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\tests\Nette\Loaders\NetteLoader.phpt
[2011.12.19 18:23:54 | 000,001,812 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\tests\Nette\Loaders\RobotLoader.phpt
[2011.12.19 18:23:54 | 000,001,898 | ---- | M] () -- \localhost\OOP\libs\Nette\loader.php
[2011.12.19 18:23:06 | 000,003,381 | ---- | M] () -- \localhost\OOP\libs\Nette\Config\Loader.php
[2011.12.19 18:23:06 | 000,001,905 | ---- | M] () -- \localhost\OOP\libs\Nette\Loaders\AutoLoader.php
[2011.12.19 18:23:56 | 000,016,784 | ---- | M] () -- \localhost\OOP\libs\Nette\Loaders\NetteLoader.php
[2011.12.19 18:23:54 | 000,008,976 | ---- | M] () -- \localhost\OOP\libs\Nette\Loaders\RobotLoader.php
[2010.01.12 16:11:26 | 000,002,188 | ---- | M] () -- \localhost\visioncms_0.9.0-rc2\administrator\js\preloader.js
[2011.03.25 19:33:30 | 000,035,175 | ---- | M] () -- \localhost\wordpress\wp-includes\script-loader.php
[2010.04.28 06:48:10 | 000,001,893 | ---- | M] () -- \localhost\wordpress\wp-includes\template-loader.php
[2007.03.14 18:21:36 | 004,937,904 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\Photodownloader.exe
[2007.03.14 16:07:28 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\de_de\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\en_us\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\es_es\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\it_it\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\no_no\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2007.03.14 16:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2007.03.14 16:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2007.03.14 16:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2010.03.09 03:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 00:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 00:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2011.04.15 15:29:28 | 000,000,118 | ---- | M] () -- \Program Files (x86)\Codemasters\DiRT 3\audio\audio_loader.xml
[2007.03.14 16:10:18 | 000,088,333 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ar_AE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:20 | 000,025,188 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\cs_cz\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:26 | 000,032,022 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\da_DK\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:28 | 000,032,216 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\de_DE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:30 | 000,027,655 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\el_GR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:36 | 000,030,891 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\en_us\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:38 | 000,032,399 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\es_ES\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:42 | 000,032,333 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\fi_FI\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:42 | 000,032,393 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\fr_FR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:46 | 000,022,871 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\he_IL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:48 | 000,025,272 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\hu_HU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:50 | 000,032,109 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\it_IT\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:50 | 000,032,441 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ja_JP\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:52 | 000,032,499 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ko_KR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:54 | 000,032,074 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\nb_NO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:56 | 000,032,110 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\nl_NL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:58 | 000,024,996 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\pl_PL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:00 | 000,031,772 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\pt_BR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:02 | 000,024,463 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ro_RO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:04 | 000,025,054 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ru_RU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:06 | 000,032,171 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\sv_SE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:06 | 000,024,411 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\tr_TR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:08 | 000,025,525 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\uk_UA\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:10 | 000,032,741 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\zh_CN\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:10 | 000,032,833 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\zh_TW\Bridge\2.0\images\br_photo_downloader.png
[2007.03.08 15:35:32 | 000,004,239 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Startup Scripts CS3\Adobe Version Cue\VersionCueSDKLoader.jsx
[2010.10.07 04:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.02.11 11:56:48 | 000,001,651 | ---- | M] () -- \Program Files (x86)\EasyPHP-5.3.6.0\phpmyadmin\libraries\PHPExcel\PHPExcel\Autoloader.php
[2011.12.07 14:50:30 | 000,064,352 | ---- | M] () -- \Program Files (x86)\Frozenbyte\Trine 2\PhysXLoader.dll
[2011.12.07 14:50:30 | 000,066,912 | ---- | M] () -- \Program Files (x86)\Frozenbyte\Trine 2\PhysXLoader64.dll
[2011.07.12 15:08:54 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.07.12 15:08:54 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.07.12 15:08:54 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.07.28 09:28:41 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.07.12 15:09:35 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011.07.12 15:09:36 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.11.29 11:59:18 | 000,228,864 | ---- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ubiorbitapi_r2_loader.dll
[2011.10.30 07:10:24 | 000,169,080 | ---- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed Revelations\uplay_r1_loader.dll
[2011.09.23 23:19:25 | 000,228,352 | ---- | M] () -- \Program Files (x86)\Ubisoft\Driver San Francisco\ubiorbitapi_r2_loader.dll
[2011.08.30 14:21:55 | 000,171,320 | ---- | M] () -- \Program Files (x86)\Ubisoft\Driver San Francisco\uplay_r1_loader.dll
[2010.10.07 04:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.03.02 11:39:58 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2011.03.08 08:43:28 | 000,013,734 | ---- | M] () -- \Python27\Lib\unittest\loader.py
[2011.03.08 08:43:28 | 000,050,487 | ---- | M] () -- \Python27\Lib\unittest\test\test_loader.py
[2011.05.17 14:19:05 | 000,057,728 | ---- | M] () -- \Users\Vasek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2011.05.17 14:19:05 | 000,057,728 | ---- | M] () -- \Users\Vasek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2011.05.17 14:19:05 | 000,057,728 | ---- | M] () -- \Users\Vasek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2011.07.12 15:09:31 | 000,000,402 | ---- | M] () -- \Users\Vasek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELA5OS7J\preloader[1].htm
[2011.07.12 15:09:36 | 000,000,402 | ---- | M] () -- \Users\Vasek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SLMEYC11\preloader[1].htm
[2011.07.22 09:52:46 | 000,001,891 | ---- | M] () -- \Users\Vasek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SLMEYC11\preloader[1].js
[2011.07.12 15:09:35 | 000,000,402 | ---- | M] () -- \Users\Vasek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHBN1PLF\preloader[1].htm
[2011.07.22 09:52:47 | 000,002,931 | ---- | M] () -- \Users\Vasek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHBN1PLF\preloader[1].swf
[2011.07.28 09:28:41 | 000,000,402 | ---- | M] () -- \Users\Vasek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHBN1PLF\preloader[2].htm
[2012.01.11 18:17:02 | 000,000,803 | ---- | M] () -- \Users\Vasek\AppData\Roaming\Microsoft\Windows\Recent\A-PDF.Restrictions.Remover.v1.5.2.Loader-AHCU.lnk
[2011.12.13 20:20:52 | 000,001,674 | ---- | M] () -- \Users\Vasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eurobattle.net\Euroloader.lnk
[2011.12.13 15:25:20 | 000,001,600 | ---- | M] () -- \Users\Vasek\Desktop\HRY\DOTA\Euroloader.lnk
[2011.09.25 23:18:06 | 000,098,816 | ---- | M] () -- \Users\Vasek\Desktop\HRY\DOTA\W3\euroloader.exe
[2011.05.06 18:47:43 | 000,000,046 | ---- | M] () -- \Users\Vasek\Desktop\HRY\DOTA\W3\euroloader.txt
[2008.06.18 03:48:16 | 000,038,912 | ---- | M] () -- \Users\Vasek\Desktop\HRY\DOTA\W3\Diablo II\D2Loader-1.12.exe
[2003.09.26 09:15:26 | 000,169,384 | ---- | M] () -- \Users\Vasek\Desktop\HRY\Install\Counter Strike 1.6\CS\cstrike\models\qloader.mdl
[2003.09.26 15:19:52 | 000,352,548 | ---- | M] () -- \Users\Vasek\Desktop\HRY\Install\Counter Strike 1.6\CS\valve\models\loader.mdl
[2003.09.26 15:24:16 | 000,012,764 | ---- | M] () -- \Users\Vasek\Desktop\HRY\Install\Counter Strike 1.6\CS\valve\sound\ambience\loader_hydra1.wav
[2003.09.26 15:24:16 | 000,012,164 | ---- | M] () -- \Users\Vasek\Desktop\HRY\Install\Counter Strike 1.6\CS\valve\sound\ambience\loader_step1.wav
[2012.01.11 18:17:00 | 000,022,413 | ---- | M] () -- \Users\Vasek\Downloads\A-PDF.Restrictions.Remover.v1.5.2.Loader-AHCU.rar
[2012.01.11 18:14:42 | 000,021,990 | ---- | M] () -- \Users\Vasek\Downloads\A-PDF.Restrictions.Remover.v1.6.2.Loader-AHCU.rar
[2011.11.16 15:17:30 | 000,792,704 | ---- | M] () -- \Users\Vasek\Downloads\amddriverdownloader.exe
[2011.06.28 12:54:48 | 000,142,400 | ---- | M] () -- \Users\Vasek\Downloads\jdownloader.png
[2011.06.03 22:26:46 | 025,969,280 | ---- | M] () -- \Users\Vasek\Downloads\JDownloaderSetup (1).exe
[2011.05.15 10:21:53 | 025,969,280 | ---- | M] () -- \Users\Vasek\Downloads\JDownloaderSetup.exe
[2011.05.17 20:52:59 | 000,287,016 | ---- | M] () -- \Users\Vasek\Downloads\SoftonicDownloader_for_local-smtp-server.exe
[2011.10.18 18:47:34 | 000,286,064 | ---- | M] () -- \Users\Vasek\Downloads\SoftonicDownloader_for_winqsb.exe
[2011.06.14 19:02:03 | 000,105,782 | ---- | M] () -- \Users\Vasek\Downloads\Uber-Uploader_6.8.2.zip
[2011.06.03 22:09:21 | 000,040,723 | ---- | M] () -- \Users\Vasek\Downloads\uploader_v1.2.zip
[2011.05.09 15:58:42 | 000,008,455 | ---- | M] () -- \Users\Vasek\Downloads\ckeditor_3.6\ckeditor\_source\core\loader.js
[2011.05.09 15:58:42 | 000,005,043 | ---- | M] () -- \Users\Vasek\Downloads\ckeditor_3.6\ckeditor\_source\core\scriptloader.js
[2011.06.03 22:26:46 | 025,969,280 | ---- | M] () -- \Users\Vasek\Sdílené\JDownloaderSetup (1).exe
[2011.05.15 10:21:53 | 025,969,280 | ---- | M] () -- \Users\Vasek\Sdílené\JDownloaderSetup.exe
[2010.03.24 20:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2009.07.14 13:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[3 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[3 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.07.11 09:45:14 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.07.11 09:45:14 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.07.11 09:45:14 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.07.11 09:45:14 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.07.11 09:45:14 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.05.20 00:26:28 | 000,001,718 | ---- | M] () -- \Zaloha\Moje\Webdesign - PSD\gamenow\plugins\gd-star-rating\code\js\loaders.php
[2009.05.18 20:25:30 | 000,004,838 | ---- | M] () -- \Zaloha\Moje\Webdesign - PSD\gamenow\plugins\wp-post-thumbnail\images\loader-medium.gif
[2009.05.18 20:25:30 | 000,002,386 | ---- | M] () -- \Zaloha\Moje\Webdesign - PSD\gamenow\plugins\wp-post-thumbnail\images\loader-small.gif
========== Alternate Data Streams ==========
@Alternate Data Stream - 273 bytes -> C:\ProgramData\TEMP:8927A071
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:51394AA5
< End of report >
< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[3 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.10.12 15:21:10 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\2K Sports
[2011.11.15 17:06:17 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Adobe
[2011.11.15 17:05:50 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Adobe Mini Bridge CS5
[2011.07.19 15:31:20 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\AIMP
[2012.01.13 23:21:05 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\AIMP3
[2011.06.02 12:15:58 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Ashampoo
[2011.05.11 17:51:15 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\ATI
[2011.05.23 15:17:07 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\AVG10
[2012.01.06 15:29:41 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.06.14 19:04:55 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Crayon Physics Deluxe
[2011.07.27 09:26:55 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\DAEMON Tools Lite
[2011.10.19 17:25:59 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Dev-Cpp
[2012.01.11 17:58:45 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\EurekaLog
[2012.01.07 17:22:10 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\GemX eBooks
[2011.10.07 20:39:14 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\GHISLER
[2011.11.12 21:41:43 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\ICQ
[2011.05.10 20:04:21 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Identities
[2011.06.26 14:47:29 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Leadertech
[2011.05.10 20:37:37 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Macromedia
[2009.07.14 16:36:58 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Media Center Programs
[2012.01.11 18:25:15 | 000,000,000 | --SD | M] -- C:\Users\Vasek\AppData\Roaming\Microsoft
[2011.05.21 18:44:32 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Mozilla
[2011.11.15 14:55:35 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\National Instruments
[2012.01.11 17:50:52 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\pdf2image2009
[2012.01.11 18:34:10 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\PrimoPDF
[2011.10.07 20:39:15 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\PSpad
[2011.12.07 17:53:49 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\PunkBuster
[2011.12.14 19:10:05 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Skype
[2011.11.15 17:05:49 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.05.11 19:54:17 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\TeamViewer
[2011.12.14 19:16:54 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Trine2
[2012.01.03 20:11:07 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\vlc
[2011.10.08 10:10:43 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Vso
[2011.05.10 21:04:04 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\WinRAR
[2011.09.04 13:46:39 | 000,000,000 | ---D | M] -- C:\Users\Vasek\AppData\Roaming\Wireshark
< %APPDATA%\*.exe /s >
[2011.10.08 10:10:43 | 000,099,384 | ---- | M] () -- C:\Users\Vasek\AppData\Roaming\inst.exe
[2011.10.11 14:52:01 | 000,088,102 | R--- | M] () -- C:\Users\Vasek\AppData\Roaming\Microsoft\Installer\{BA45D6C9-AC93-288B-DC4C-D65A01A2ED02}\ARPPRODUCTICON.exe
[2011.10.18 20:47:26 | 003,123,272 | R--- | M] () -- C:\Users\Vasek\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
[2012.01.14 12:24:50 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2012.01.14 12:24:23 | 000,000,200 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012.01.13 16:08:00 | 000,000,200 | ---- | M] () -- C:\Windows\Tasks\AutoKMSDaily.job
[2012.01.13 14:26:41 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3462720487-3478806260-676090027-1000Core.job
[2012.01.14 11:10:00 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3462720487-3478806260-676090027-1000UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 14:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.01.20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd)
"Google Update" = "C:\Users\Vasek\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.05.10 20:20:49 | 000,136,176 | ---- | M] (Google Inc.)
"AdobeBridge" = "C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe" -stealth -- [2010.03.09 03:28:26 | 011,989,960 | ---- | M] (Adobe Systems, Inc.)
"Steam" = "C:\Program Files (x86)\Steam\Steam.exe" -silent -- [2011.12.15 18:31:55 | 001,242,448 | ---- | M] (Valve Corporation)
"SpybotSD TeaTimer" = C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe -- [2009.01.26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.01.14 12:32:16 | 000,000,512 | ---- | M] () MD5=4B73EB67DD6440818E44B73E3B58E95A -- C:\PhysicalMBR.bin
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2011.08.31 00:12:21 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=9089100A22856513CBF35E18C552D53F -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.07.11 10:07:36 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< *crack* /s >
[2005.07.07 20:22:11 | 000,000,100 | ---- | M] () -- \Program Files (x86)\Counter-Strike Source\cstrike\materials\concrete\prodwllecracked.vmt
[2005.07.07 20:22:12 | 000,174,968 | ---- | M] () -- \Program Files (x86)\Counter-Strike Source\cstrike\materials\concrete\prodwllecracked.vtf
[2012.01.11 17:58:35 | 000,000,848 | ---- | M] () -- \Users\Vasek\AppData\Roaming\Microsoft\Windows\Recent\A-PDF.Image.to.PDF.v4.3.3.Cracked.CRACKFiX.ONLY-REViSE.lnk
[2012.01.11 17:58:35 | 001,970,106 | ---- | M] () -- \Users\Vasek\Downloads\A-PDF.Image.to.PDF.v4.3.3.Cracked.CRACKFiX.ONLY-REViSE.rar
[2011.05.26 15:55:52 | 000,746,496 | ---- | M] () -- \Users\Vasek\Downloads\Dirt.3-SKIDROW-CRACK_ONLY.zip
[2011.05.16 21:21:19 | 005,479,706 | ---- | M] () -- \Users\Vasek\Downloads\free-smtp-server-2-58_incl_crack.zip
[2011.11.22 17:19:25 | 012,087,192 | ---- | M] () -- \Users\Vasek\Downloads\NFS_Run_2011_Crack_cestina.rar
[2011.01.26 16:27:08 | 023,608,758 | ---- | M] () -- \Users\Vasek\Music\HUDBA\Ramones\1992 - Mondo Bizarro\11. Cabbies on Crack.ape
[2010.01.13 16:04:34 | 006,950,185 | ---- | M] () -- \Users\Vasek\Music\HUDBA\Strung Out\1996 - Suburban Teenage Wasteland Blues\01. Firecracker.mp3
[2009.07.13 05:41:30 | 015,575,392 | ---- | M] () -- \Users\Vasek\Music\HUDBA\The Bouncing Souls\1997 - The Bouncing Souls\01. Cracked.flac
< *keygen* /s >
[2007.08.14 11:51:28 | 000,054,272 | ---- | M] () -- \Program Files (x86)\EA Sports\Madden NFL 08\keygen.exe
[2007.10.15 09:28:50 | 000,262,656 | ---- | M] () -- \Program Files (x86)\National Instruments\KeyGen.exe
[2012.01.11 17:53:45 | 000,000,798 | ---- | M] () -- \Users\Vasek\AppData\Roaming\Microsoft\Windows\Recent\PDF.To.Image.Converter.v2.0.WinALL.Incl.Keygen-ECLiPSE.lnk
[2011.07.12 06:07:23 | 000,108,748 | ---- | M] () -- \Users\Vasek\Downloads\Easy.CD-DA.Extractor.v10.0.3_KEYGEN+PATCH-FFF.zip
[2012.01.11 17:53:45 | 000,119,834 | ---- | M] () -- \Users\Vasek\Downloads\PDF.To.Image.Converter.v2.0.WinALL.Incl.Keygen-ECLiPSE.ZIP
[2011.05.19 12:30:02 | 019,808,149 | ---- | M] () -- \Users\Vasek\Downloads\vso-convertxtodvd-4-1-19-365-final-keygen-brd.rar
< *loader* /s >
[2007.09.28 10:09:34 | 000,001,749 | ---- | M] () -- \localhost\miniRS_v22\soubory\downloader.php
[2011.12.19 18:25:06 | 000,005,167 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\API-reference\namespace-Nette.Loaders.html
[2011.12.19 18:25:00 | 000,009,544 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\API-reference\Nette.Config.Loader.html
[2011.12.19 18:25:06 | 000,009,717 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\API-reference\Nette.Loaders.AutoLoader.html
[2011.12.19 18:25:06 | 000,040,293 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\API-reference\Nette.Loaders.NetteLoader.html
[2011.12.19 18:25:06 | 000,015,369 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\API-reference\Nette.Loaders.RobotLoader.html
[2011.12.19 18:25:00 | 000,020,636 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\API-reference\source-Config.Loader.php.html
[2011.12.19 18:25:06 | 000,013,829 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\API-reference\source-Loaders.AutoLoader.php.html
[2011.12.19 18:25:06 | 000,053,104 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\API-reference\source-Loaders.NetteLoader.php.html
[2011.12.19 18:25:06 | 000,051,266 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\API-reference\source-Loaders.RobotLoader.php.html
[2011.12.19 18:23:54 | 000,001,898 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\Nette\loader.php
[2011.12.19 18:23:06 | 000,003,381 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\Nette\Config\Loader.php
[2011.12.19 18:23:06 | 000,001,905 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\Nette\Loaders\AutoLoader.php
[2011.12.19 18:23:56 | 000,016,784 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\Nette\Loaders\NetteLoader.php
[2011.12.19 18:23:54 | 000,008,976 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\Nette\Loaders\RobotLoader.php
[2011.12.19 18:24:54 | 000,001,898 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\sandbox\libs\Nette\loader.php
[2011.12.19 18:24:54 | 000,003,381 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\sandbox\libs\Nette\Config\Loader.php
[2011.12.19 18:24:54 | 000,001,905 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\sandbox\libs\Nette\Loaders\AutoLoader.php
[2011.12.19 18:24:54 | 000,016,784 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\sandbox\libs\Nette\Loaders\NetteLoader.php
[2011.12.19 18:24:54 | 000,008,976 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\sandbox\libs\Nette\Loaders\RobotLoader.php
[2011.12.19 18:23:06 | 000,000,723 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\tests\Nette\Config\Configurator.robotLoader.phpt
[2011.12.19 18:23:06 | 000,000,776 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\tests\Nette\Config\Loader.error.phpt
[2011.12.19 18:23:06 | 000,000,890 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\tests\Nette\Config\Loader.include.phpt
[2011.12.19 18:23:06 | 000,000,410 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\tests\Nette\Loaders\NetteLoader.phpt
[2011.12.19 18:23:54 | 000,001,812 | ---- | M] () -- \localhost\NetteFramework-2.0beta-PHP5.3\tests\Nette\Loaders\RobotLoader.phpt
[2011.12.19 18:23:54 | 000,001,898 | ---- | M] () -- \localhost\OOP\libs\Nette\loader.php
[2011.12.19 18:23:06 | 000,003,381 | ---- | M] () -- \localhost\OOP\libs\Nette\Config\Loader.php
[2011.12.19 18:23:06 | 000,001,905 | ---- | M] () -- \localhost\OOP\libs\Nette\Loaders\AutoLoader.php
[2011.12.19 18:23:56 | 000,016,784 | ---- | M] () -- \localhost\OOP\libs\Nette\Loaders\NetteLoader.php
[2011.12.19 18:23:54 | 000,008,976 | ---- | M] () -- \localhost\OOP\libs\Nette\Loaders\RobotLoader.php
[2010.01.12 16:11:26 | 000,002,188 | ---- | M] () -- \localhost\visioncms_0.9.0-rc2\administrator\js\preloader.js
[2011.03.25 19:33:30 | 000,035,175 | ---- | M] () -- \localhost\wordpress\wp-includes\script-loader.php
[2010.04.28 06:48:10 | 000,001,893 | ---- | M] () -- \localhost\wordpress\wp-includes\template-loader.php
[2007.03.14 18:21:36 | 004,937,904 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\Photodownloader.exe
[2007.03.14 16:07:28 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\de_de\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\en_us\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\es_es\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\it_it\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\no_no\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2007.03.14 16:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2007.03.14 16:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2007.03.14 16:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2010.03.09 03:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 00:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 00:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 00:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2011.04.15 15:29:28 | 000,000,118 | ---- | M] () -- \Program Files (x86)\Codemasters\DiRT 3\audio\audio_loader.xml
[2007.03.14 16:10:18 | 000,088,333 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ar_AE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:20 | 000,025,188 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\cs_cz\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:26 | 000,032,022 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\da_DK\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:28 | 000,032,216 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\de_DE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:30 | 000,027,655 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\el_GR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:36 | 000,030,891 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\en_us\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:38 | 000,032,399 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\es_ES\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:42 | 000,032,333 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\fi_FI\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:42 | 000,032,393 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\fr_FR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:46 | 000,022,871 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\he_IL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:48 | 000,025,272 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\hu_HU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:50 | 000,032,109 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\it_IT\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:50 | 000,032,441 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ja_JP\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:52 | 000,032,499 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ko_KR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:54 | 000,032,074 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\nb_NO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:56 | 000,032,110 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\nl_NL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:58 | 000,024,996 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\pl_PL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:00 | 000,031,772 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\pt_BR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:02 | 000,024,463 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ro_RO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:04 | 000,025,054 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ru_RU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:06 | 000,032,171 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\sv_SE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:06 | 000,024,411 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\tr_TR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:08 | 000,025,525 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\uk_UA\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:10 | 000,032,741 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\zh_CN\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:10 | 000,032,833 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\zh_TW\Bridge\2.0\images\br_photo_downloader.png
[2007.03.08 15:35:32 | 000,004,239 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Startup Scripts CS3\Adobe Version Cue\VersionCueSDKLoader.jsx
[2010.10.07 04:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.02.11 11:56:48 | 000,001,651 | ---- | M] () -- \Program Files (x86)\EasyPHP-5.3.6.0\phpmyadmin\libraries\PHPExcel\PHPExcel\Autoloader.php
[2011.12.07 14:50:30 | 000,064,352 | ---- | M] () -- \Program Files (x86)\Frozenbyte\Trine 2\PhysXLoader.dll
[2011.12.07 14:50:30 | 000,066,912 | ---- | M] () -- \Program Files (x86)\Frozenbyte\Trine 2\PhysXLoader64.dll
[2011.07.12 15:08:54 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.07.12 15:08:54 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.07.12 15:08:54 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.07.28 09:28:41 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.07.12 15:09:35 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011.07.12 15:09:36 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.11.29 11:59:18 | 000,228,864 | ---- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ubiorbitapi_r2_loader.dll
[2011.10.30 07:10:24 | 000,169,080 | ---- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed Revelations\uplay_r1_loader.dll
[2011.09.23 23:19:25 | 000,228,352 | ---- | M] () -- \Program Files (x86)\Ubisoft\Driver San Francisco\ubiorbitapi_r2_loader.dll
[2011.08.30 14:21:55 | 000,171,320 | ---- | M] () -- \Program Files (x86)\Ubisoft\Driver San Francisco\uplay_r1_loader.dll
[2010.10.07 04:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.03.02 11:39:58 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2011.03.08 08:43:28 | 000,013,734 | ---- | M] () -- \Python27\Lib\unittest\loader.py
[2011.03.08 08:43:28 | 000,050,487 | ---- | M] () -- \Python27\Lib\unittest\test\test_loader.py
[2011.05.17 14:19:05 | 000,057,728 | ---- | M] () -- \Users\Vasek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2011.05.17 14:19:05 | 000,057,728 | ---- | M] () -- \Users\Vasek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2011.05.17 14:19:05 | 000,057,728 | ---- | M] () -- \Users\Vasek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2011.07.12 15:09:31 | 000,000,402 | ---- | M] () -- \Users\Vasek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELA5OS7J\preloader[1].htm
[2011.07.12 15:09:36 | 000,000,402 | ---- | M] () -- \Users\Vasek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SLMEYC11\preloader[1].htm
[2011.07.22 09:52:46 | 000,001,891 | ---- | M] () -- \Users\Vasek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SLMEYC11\preloader[1].js
[2011.07.12 15:09:35 | 000,000,402 | ---- | M] () -- \Users\Vasek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHBN1PLF\preloader[1].htm
[2011.07.22 09:52:47 | 000,002,931 | ---- | M] () -- \Users\Vasek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHBN1PLF\preloader[1].swf
[2011.07.28 09:28:41 | 000,000,402 | ---- | M] () -- \Users\Vasek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHBN1PLF\preloader[2].htm
[2012.01.11 18:17:02 | 000,000,803 | ---- | M] () -- \Users\Vasek\AppData\Roaming\Microsoft\Windows\Recent\A-PDF.Restrictions.Remover.v1.5.2.Loader-AHCU.lnk
[2011.12.13 20:20:52 | 000,001,674 | ---- | M] () -- \Users\Vasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eurobattle.net\Euroloader.lnk
[2011.12.13 15:25:20 | 000,001,600 | ---- | M] () -- \Users\Vasek\Desktop\HRY\DOTA\Euroloader.lnk
[2011.09.25 23:18:06 | 000,098,816 | ---- | M] () -- \Users\Vasek\Desktop\HRY\DOTA\W3\euroloader.exe
[2011.05.06 18:47:43 | 000,000,046 | ---- | M] () -- \Users\Vasek\Desktop\HRY\DOTA\W3\euroloader.txt
[2008.06.18 03:48:16 | 000,038,912 | ---- | M] () -- \Users\Vasek\Desktop\HRY\DOTA\W3\Diablo II\D2Loader-1.12.exe
[2003.09.26 09:15:26 | 000,169,384 | ---- | M] () -- \Users\Vasek\Desktop\HRY\Install\Counter Strike 1.6\CS\cstrike\models\qloader.mdl
[2003.09.26 15:19:52 | 000,352,548 | ---- | M] () -- \Users\Vasek\Desktop\HRY\Install\Counter Strike 1.6\CS\valve\models\loader.mdl
[2003.09.26 15:24:16 | 000,012,764 | ---- | M] () -- \Users\Vasek\Desktop\HRY\Install\Counter Strike 1.6\CS\valve\sound\ambience\loader_hydra1.wav
[2003.09.26 15:24:16 | 000,012,164 | ---- | M] () -- \Users\Vasek\Desktop\HRY\Install\Counter Strike 1.6\CS\valve\sound\ambience\loader_step1.wav
[2012.01.11 18:17:00 | 000,022,413 | ---- | M] () -- \Users\Vasek\Downloads\A-PDF.Restrictions.Remover.v1.5.2.Loader-AHCU.rar
[2012.01.11 18:14:42 | 000,021,990 | ---- | M] () -- \Users\Vasek\Downloads\A-PDF.Restrictions.Remover.v1.6.2.Loader-AHCU.rar
[2011.11.16 15:17:30 | 000,792,704 | ---- | M] () -- \Users\Vasek\Downloads\amddriverdownloader.exe
[2011.06.28 12:54:48 | 000,142,400 | ---- | M] () -- \Users\Vasek\Downloads\jdownloader.png
[2011.06.03 22:26:46 | 025,969,280 | ---- | M] () -- \Users\Vasek\Downloads\JDownloaderSetup (1).exe
[2011.05.15 10:21:53 | 025,969,280 | ---- | M] () -- \Users\Vasek\Downloads\JDownloaderSetup.exe
[2011.05.17 20:52:59 | 000,287,016 | ---- | M] () -- \Users\Vasek\Downloads\SoftonicDownloader_for_local-smtp-server.exe
[2011.10.18 18:47:34 | 000,286,064 | ---- | M] () -- \Users\Vasek\Downloads\SoftonicDownloader_for_winqsb.exe
[2011.06.14 19:02:03 | 000,105,782 | ---- | M] () -- \Users\Vasek\Downloads\Uber-Uploader_6.8.2.zip
[2011.06.03 22:09:21 | 000,040,723 | ---- | M] () -- \Users\Vasek\Downloads\uploader_v1.2.zip
[2011.05.09 15:58:42 | 000,008,455 | ---- | M] () -- \Users\Vasek\Downloads\ckeditor_3.6\ckeditor\_source\core\loader.js
[2011.05.09 15:58:42 | 000,005,043 | ---- | M] () -- \Users\Vasek\Downloads\ckeditor_3.6\ckeditor\_source\core\scriptloader.js
[2011.06.03 22:26:46 | 025,969,280 | ---- | M] () -- \Users\Vasek\Sdílené\JDownloaderSetup (1).exe
[2011.05.15 10:21:53 | 025,969,280 | ---- | M] () -- \Users\Vasek\Sdílené\JDownloaderSetup.exe
[2010.03.24 20:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2009.07.14 13:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[3 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[3 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.07.11 09:45:14 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.07.11 09:45:14 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.07.11 09:45:14 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.07.11 09:45:14 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.07.11 09:45:14 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.05.20 00:26:28 | 000,001,718 | ---- | M] () -- \Zaloha\Moje\Webdesign - PSD\gamenow\plugins\gd-star-rating\code\js\loaders.php
[2009.05.18 20:25:30 | 000,004,838 | ---- | M] () -- \Zaloha\Moje\Webdesign - PSD\gamenow\plugins\wp-post-thumbnail\images\loader-medium.gif
[2009.05.18 20:25:30 | 000,002,386 | ---- | M] () -- \Zaloha\Moje\Webdesign - PSD\gamenow\plugins\wp-post-thumbnail\images\loader-small.gif
========== Alternate Data Streams ==========
@Alternate Data Stream - 273 bytes -> C:\ProgramData\TEMP:8927A071
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:51394AA5
< End of report >
Re: Také FB virus
Extras.txt
OTL Extras logfile created on: 14.1.2012 12:29:17 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Vasek\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 50,43% Memory free
8,00 Gb Paging File | 5,63 Gb Available in Paging File | 70,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 203,34 Gb Free Space | 21,83% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 70,16 Mb Free Space | 70,16% Space Free | Partition Type: NTFS
Drive G: | 153,28 Gb Total Space | 76,99 Gb Free Space | 50,23% Space Free | Partition Type: NTFS
Computer Name: VASEK-PC | User Name: Vasek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{36EAEAF0-CDC5-F32F-01D2-C7D01EF96472}" = AMD AVIVO64 Codecs
"{38D1C189-B133-401C-A729-3C47ED984B31}" = AVG 2011
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7FA24ACE-BF20-5570-F94A-3AE540223771}" = AMD Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{715203B3-AD16-41A4-B13C-E1065EAB8963}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0043-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{15D45352-C443-406A-9DF2-EF4A750A40CF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{4B8654FE-410D-462C-9B3C-09D031BF4534}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A0377472-ED83-4A66-8B2E-0ECAEF190E47}" = AVG 2011
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B305CEFC-93A1-EF99-BFEF-CF7985E88D03}" = ccc-utility64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0D59644-6282-D7C8-0EE3-4DDD7245C84C}" = AMD Media Foundation Decoders
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E33AC780-456C-6295-E0F3-10A8D39A09FB}" = AMD Drag and Drop Transcoding
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2011
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"WinRAR archiver" = WinRAR 4.00 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0168B3E7-393C-4749-B429-FD5B6FD50567}" = NI Circuit Design Suite Support and Upgrade Utility
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0BEA337D-71D0-44C7-A575-932612A00908}" = NI EULA Depot
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22764EFF-300F-8F3D-564D-7A4C4662D120}" = CCC Help Polish
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{2894AAC3-9A08-FF3A-6737-41A6178D0A09}" = CCC Help Chinese Standard
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2E295B5B-1AD4-4d36-97C2-A316084722CF}" = Python 2.7.2
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{3536AD21-940C-D198-DD10-078011A5C13B}" = CCC Help Thai
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{49D87A8F-D04F-7749-DD32-BDBF9B24B232}" = CCC Help Finnish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CDE9452-7BA2-46BC-9551-6A041F4A3B66}" = NI LabVIEW Run-Time Engine 8.2
"{5066FFF7-0029-BBA3-DD41-D71599987F1B}" = Catalyst Control Center InstallProxy
"{5211BF94-F97C-47E7-BC7C-BE804A79F8A2}" = MLB 2K10
"{53450FA2-E900-456E-9715-501000008200}" = Virtua Tennis 4™
"{53FE1175-1B37-4677-924C-62AFFCC83800}" = NI MDF Support
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{660C748F-A503-B771-7BD6-2D7C5AA1DBB4}" = CCC Help Dutch
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6CAB860B-CB68-462B-AF66-83AEF9BD6ED2}" = NI Circuit Design Suite 10 Pro
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6E03FAB5-6253-58B8-B939-AA83F64C3278}" = CCC Help Swedish
"{6EC3499F-025A-4EDB-A03D-AB3DC042051D}" = Adobe Setup
"{6FADAF5C-C9AC-49E5-8B14-7021F91EF0B5}" = NI LabVIEW Run-Time Engine 8.0.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7236672F-6430-439E-9B27-27EDEAF1D676}" = Diagnostic Utility
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A75AFE3-A0C3-951D-4804-54721360FF90}" = CCC Help Hungarian
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{889BF4A8-E783-46C4-8FB8-97A0B977C32A}" = NI LabWindows/CVI 8.0.1 Run-Time Engine
"{8BD626B2-7EFA-73E5-D50F-5BEDD5D99F3D}" = HydraVision
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D6F5556-EB3C-420D-9B75-020DEF9AD0AC}" = NI Uninstaller
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-00B0-0409-0000-0000000FF1CE}" = Microsoft Save as PDF Add-in for 2007 Microsoft Office programs
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{96A628B7-93D6-46CC-9E74-02F7D2E21E96}" = Major League Baseball 2K11
"{9773450C-E2F3-46C3-9464-1D7EDE5EFB63}" = Pro Evolution Soccer 2011
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9F218882-4CF1-F411-111A-B9B68770C0CE}" = CCC Help Czech
"{A1EF8DA8-E0CB-C805-4ACA-B7C028CF36F2}" = CCC Help Italian
"{A1F7BDF1-6D46-46FC-92D1-BC91202251DD}" = NI Service Locator
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2DC3907-B0A3-484F-9677-A16F1D58BF60}" = NI TDMS
"{A3BC1DBD-64D6-4EBC-0091-24C811662D40}" = Madden NFL 08
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9F27D99-8478-C124-8978-09595FA9D805}" = CCC Help Portuguese
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAB0D88E-85D7-22CC-6935-0D2247152700}" = CCC Help French
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Czech
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA45D6C9-AC93-288B-DC4C-D65A01A2ED02}" = Application Profiles
"{BAADD05A-8BDD-4C1B-BE38-94627C552A86}" = NI Logos 4.7
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{C104E9E6-F21E-2762-FBF0-6FE820B2D739}" = CCC Help Korean
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5632631-95E3-4DAF-2EB1-487EBE04DE19}" = Catalyst Control Center
"{C95E964C-FCF4-13DB-1445-4FA8062271F8}" = CCC Help Spanish
"{CD094AFB-E5B0-4687-A3D2-358E04BCA172}" = NI Circuit Design Suite 10 Core
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D6CD1A90-1421-4F19-AFD8-BE4E28A1D6D5}" = Adobe Illustrator CS3
"{D7A8C334-7974-54A4-6533-EB84D19D7133}" = CCC Help English
"{D89F00EB-7868-A817-D618-AA446C0D56B3}" = CCC Help Chinese Traditional
"{D8B7A9C5-7ACE-4F9C-9788-77D08850AB4F}" = NI USI 1.3.0
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9AB20FE-5267-7A1A-2064-8F18969DF88D}" = CCC Help German
"{DA45F8EC-4226-EA6A-4DA9-F1148F801BDA}" = CCC Help Russian
"{DA7747E1-1F8D-BBC5-BE66-00B21BE5B81B}" = CCC Help Turkish
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DADEC9BB-66FC-A3E4-8BC9-83E73BA1B5B2}" = CCC Help Greek
"{DB2C5648-700D-4AEF-83E1-70C72F0C34FA}" = NI Math Kernel Libraries
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.19.365
"{DD0FDF02-6AA4-8C7D-AAB0-4C8C7207C0C1}" = CCC Help Japanese
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E0D5CB1C-7D35-709E-7F58-6CF6FFC3D6B7}" = Catalyst Control Center Graphics Previews Common
"{E43196CF-182A-4D9E-9CE7-69616DBEE3B0}" = Ad-Aware
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EB20F561-2AF5-0368-E353-AF093FBBADC2}" = CCC Help Norwegian
"{ECDE16E7-E3FC-F094-F14D-0326D03B9D96}" = Catalyst Control Center InstallProxy
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F38AF6F6-059C-C683-826F-00539526D86D}" = CCC Help Danish
"{FCD58710-F023-E26C-6373-79C72FED0B90}" = Catalyst Control Center Localization All
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FDB8EF7A-4118-4B27-8892-4FBE82729340}" = NI License Manager
"Adobe AIR" = Adobe AIR
"Adobe_b5ed30048e229c36945fd3d95860c0b" = Adobe Illustrator CS3
"Advanced RAR Password Recovery" = Advanced RAR Password Recovery (remove only)
"AIMP3" = AIMP3
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"Brink_is1" = Brink
"Cisco Packet Tracer 5.3.2_is1" = Cisco Packet Tracer 5.3.2
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Counter-Strike: Source" = Counter-Strike: Source
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"DotAlicious Gaming Client" = DotAlicious Gaming Client
"Driver San Francisco" = Driver San Francisco
"Easy CD-DA Extractor 12" = Easy CD-DA Extractor 12
"Easy CD-DA Extractor 15" = Easy CD-DA Extractor 15
"ePub to PDF Converter_is1" = ePub to PDF Converter 2.0.1
"FBReader for Windows" = FBReader for Windows
"FIFA 12 (c) EA_is1" = FIFA 12 (c) EA version 1
"Fraps" = Fraps
"Free SMTP Server_is1" = Free SMTP Server
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"GFWL_{53450FA2-E900-456E-9715-501000008200}" = Virtua Tennis 4™
"HC51 9.60PL0" = HI-TECH C51-lite V9.60PL0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Insane 2_is1" = Insane 2
"InstallShield_{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
"Kernel for PDF Restriction Removal_is1" = Kernel for PDF Restriction Removal ver 11.02.01
"Killing Floor" = Killing Floor
"LanShutDown_is1" = LanShutDown
"LastFM_is1" = Last.fm 1.5.4.27091
"Mozilla Firefox 6.0.1 (x86 cs)" = Mozilla Firefox 6.0.1 (x86 cs)
"NetCut_is1" = NetCut 2.1.4
"NI Uninstaller" = National Instruments Software
"PDF Unlocker - Demo Version 2.0_is1" = PDF Unlocker
"PICC 9.60PL0" = HI-TECH PICC lite V9.60PL0
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"Rage_is1" = Rage
"ReDynaMix HDR (Adobe Photoshop Plug-in)_is1" = DCETools - ReDynaMix HDR
"Rugby Challenge_is1" = Rugby Challenge
"Saints Row The Third_is1" = Saints Row The Third
"TeamViewer 6" = TeamViewer 6
"Totalcmd" = Total Commander (Remove or Repair)
"Trine 2_is1" = Trine 2
"Trucks & Trailers" = Trucks & Trailers 1.00
"VLC media player" = VLC media player 1.1.9
"Windows Grep_is1" = Windows Grep 2.3
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.6.1
"WordToPDF_is1" = WordToPDF v.2.1
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3462720487-3478806260-676090027-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12.1.2012 15:34:22 | Computer Name = Vasek-PC | Source = MySQL | ID = 100
Description = Native table 'performance_schema'.'events_waits_summary_by_instance'
has the wrong structure For more information, see Help and Support Center at http://www.mysql.com.
Error - 12.1.2012 15:34:22 | Computer Name = Vasek-PC | Source = MySQL | ID = 100
Description = Native table 'performance_schema'.'events_waits_summary_global_by_event_name'
has the wrong structure For more information, see Help and Support Center at http://www.mysql.com.
Error - 12.1.2012 15:34:22 | Computer Name = Vasek-PC | Source = MySQL | ID = 100
Description = Native table 'performance_schema'.'file_summary_by_event_name' has
the wrong structure For more information, see Help and Support Center at http://www.mysql.com.
Error - 12.1.2012 15:34:22 | Computer Name = Vasek-PC | Source = MySQL | ID = 100
Description = Native table 'performance_schema'.'file_summary_by_instance' has the
wrong structure For more information, see Help and Support Center at http://www.mysql.com.
Error - 12.1.2012 15:34:22 | Computer Name = Vasek-PC | Source = MySQL | ID = 100
Description = Native table 'performance_schema'.'mutex_instances' has the wrong
structure For more information, see Help and Support Center at http://www.mysql.com.
Error - 12.1.2012 15:34:22 | Computer Name = Vasek-PC | Source = MySQL | ID = 100
Description = Native table 'performance_schema'.'rwlock_instances' has the wrong
structure For more information, see Help and Support Center at http://www.mysql.com.
Error - 12.1.2012 15:34:22 | Computer Name = Vasek-PC | Source = MySQL | ID = 100
Description = Native table 'performance_schema'.'cond_instances' has the wrong structure
For
more information, see Help and Support Center at http://www.mysql.com.
Error - 12.1.2012 15:34:22 | Computer Name = Vasek-PC | Source = MySQL | ID = 100
Description = Native table 'performance_schema'.'file_instances' has the wrong structure
For
more information, see Help and Support Center at http://www.mysql.com.
Error - 13.1.2012 12:06:07 | Computer Name = Vasek-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 13.1.2012 12:08:57 | Computer Name = Vasek-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files (x86)\spybot - search
& destroy\DelZip179.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files (x86)\spybot - search & destroy\DelZip179.dll na řádku 8. Hodnota * atributu
language v prvku assemblyIdentity je neplatná.
[ System Events ]
Error - 29.7.2011 15:22:48 | Computer Name = Vasek-PC | Source = BTHUSB | ID = 327685
Description = Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel
ji.
Error - 29.7.2011 16:12:06 | Computer Name = Vasek-PC | Source = DCOM | ID = 10010
Description =
Error - 30.7.2011 4:49:52 | Computer Name = Vasek-PC | Source = BTHUSB | ID = 327685
Description = Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel
ji.
Error - 30.7.2011 4:49:56 | Computer Name = Vasek-PC | Source = BTHUSB | ID = 327685
Description = Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel
ji.
Error - 31.7.2011 2:23:43 | Computer Name = Vasek-PC | Source = BTHUSB | ID = 327685
Description = Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel
ji.
Error - 31.7.2011 2:23:47 | Computer Name = Vasek-PC | Source = BTHUSB | ID = 327685
Description = Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel
ji.
Error - 31.7.2011 2:43:54 | Computer Name = Vasek-PC | Source = DCOM | ID = 10010
Description =
Error - 6.8.2011 16:22:13 | Computer Name = Vasek-PC | Source = DCOM | ID = 10010
Description =
Error - 7.8.2011 15:53:14 | Computer Name = Vasek-PC | Source = DCOM | ID = 10010
Description =
Error - 8.8.2011 17:00:22 | Computer Name = Vasek-PC | Source = DCOM | ID = 10010
Description =
< End of report >
OTL Extras logfile created on: 14.1.2012 12:29:17 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Vasek\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 50,43% Memory free
8,00 Gb Paging File | 5,63 Gb Available in Paging File | 70,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 203,34 Gb Free Space | 21,83% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 70,16 Mb Free Space | 70,16% Space Free | Partition Type: NTFS
Drive G: | 153,28 Gb Total Space | 76,99 Gb Free Space | 50,23% Space Free | Partition Type: NTFS
Computer Name: VASEK-PC | User Name: Vasek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{36EAEAF0-CDC5-F32F-01D2-C7D01EF96472}" = AMD AVIVO64 Codecs
"{38D1C189-B133-401C-A729-3C47ED984B31}" = AVG 2011
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7FA24ACE-BF20-5570-F94A-3AE540223771}" = AMD Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{715203B3-AD16-41A4-B13C-E1065EAB8963}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0043-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{15D45352-C443-406A-9DF2-EF4A750A40CF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{4B8654FE-410D-462C-9B3C-09D031BF4534}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A0377472-ED83-4A66-8B2E-0ECAEF190E47}" = AVG 2011
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B305CEFC-93A1-EF99-BFEF-CF7985E88D03}" = ccc-utility64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0D59644-6282-D7C8-0EE3-4DDD7245C84C}" = AMD Media Foundation Decoders
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E33AC780-456C-6295-E0F3-10A8D39A09FB}" = AMD Drag and Drop Transcoding
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2011
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"WinRAR archiver" = WinRAR 4.00 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0168B3E7-393C-4749-B429-FD5B6FD50567}" = NI Circuit Design Suite Support and Upgrade Utility
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0BEA337D-71D0-44C7-A575-932612A00908}" = NI EULA Depot
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22764EFF-300F-8F3D-564D-7A4C4662D120}" = CCC Help Polish
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{2894AAC3-9A08-FF3A-6737-41A6178D0A09}" = CCC Help Chinese Standard
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2E295B5B-1AD4-4d36-97C2-A316084722CF}" = Python 2.7.2
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{3536AD21-940C-D198-DD10-078011A5C13B}" = CCC Help Thai
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{49D87A8F-D04F-7749-DD32-BDBF9B24B232}" = CCC Help Finnish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CDE9452-7BA2-46BC-9551-6A041F4A3B66}" = NI LabVIEW Run-Time Engine 8.2
"{5066FFF7-0029-BBA3-DD41-D71599987F1B}" = Catalyst Control Center InstallProxy
"{5211BF94-F97C-47E7-BC7C-BE804A79F8A2}" = MLB 2K10
"{53450FA2-E900-456E-9715-501000008200}" = Virtua Tennis 4™
"{53FE1175-1B37-4677-924C-62AFFCC83800}" = NI MDF Support
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{660C748F-A503-B771-7BD6-2D7C5AA1DBB4}" = CCC Help Dutch
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6CAB860B-CB68-462B-AF66-83AEF9BD6ED2}" = NI Circuit Design Suite 10 Pro
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6E03FAB5-6253-58B8-B939-AA83F64C3278}" = CCC Help Swedish
"{6EC3499F-025A-4EDB-A03D-AB3DC042051D}" = Adobe Setup
"{6FADAF5C-C9AC-49E5-8B14-7021F91EF0B5}" = NI LabVIEW Run-Time Engine 8.0.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7236672F-6430-439E-9B27-27EDEAF1D676}" = Diagnostic Utility
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A75AFE3-A0C3-951D-4804-54721360FF90}" = CCC Help Hungarian
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{889BF4A8-E783-46C4-8FB8-97A0B977C32A}" = NI LabWindows/CVI 8.0.1 Run-Time Engine
"{8BD626B2-7EFA-73E5-D50F-5BEDD5D99F3D}" = HydraVision
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D6F5556-EB3C-420D-9B75-020DEF9AD0AC}" = NI Uninstaller
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-00B0-0409-0000-0000000FF1CE}" = Microsoft Save as PDF Add-in for 2007 Microsoft Office programs
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{96A628B7-93D6-46CC-9E74-02F7D2E21E96}" = Major League Baseball 2K11
"{9773450C-E2F3-46C3-9464-1D7EDE5EFB63}" = Pro Evolution Soccer 2011
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9F218882-4CF1-F411-111A-B9B68770C0CE}" = CCC Help Czech
"{A1EF8DA8-E0CB-C805-4ACA-B7C028CF36F2}" = CCC Help Italian
"{A1F7BDF1-6D46-46FC-92D1-BC91202251DD}" = NI Service Locator
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2DC3907-B0A3-484F-9677-A16F1D58BF60}" = NI TDMS
"{A3BC1DBD-64D6-4EBC-0091-24C811662D40}" = Madden NFL 08
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9F27D99-8478-C124-8978-09595FA9D805}" = CCC Help Portuguese
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAB0D88E-85D7-22CC-6935-0D2247152700}" = CCC Help French
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Czech
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA45D6C9-AC93-288B-DC4C-D65A01A2ED02}" = Application Profiles
"{BAADD05A-8BDD-4C1B-BE38-94627C552A86}" = NI Logos 4.7
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{C104E9E6-F21E-2762-FBF0-6FE820B2D739}" = CCC Help Korean
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5632631-95E3-4DAF-2EB1-487EBE04DE19}" = Catalyst Control Center
"{C95E964C-FCF4-13DB-1445-4FA8062271F8}" = CCC Help Spanish
"{CD094AFB-E5B0-4687-A3D2-358E04BCA172}" = NI Circuit Design Suite 10 Core
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D6CD1A90-1421-4F19-AFD8-BE4E28A1D6D5}" = Adobe Illustrator CS3
"{D7A8C334-7974-54A4-6533-EB84D19D7133}" = CCC Help English
"{D89F00EB-7868-A817-D618-AA446C0D56B3}" = CCC Help Chinese Traditional
"{D8B7A9C5-7ACE-4F9C-9788-77D08850AB4F}" = NI USI 1.3.0
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9AB20FE-5267-7A1A-2064-8F18969DF88D}" = CCC Help German
"{DA45F8EC-4226-EA6A-4DA9-F1148F801BDA}" = CCC Help Russian
"{DA7747E1-1F8D-BBC5-BE66-00B21BE5B81B}" = CCC Help Turkish
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DADEC9BB-66FC-A3E4-8BC9-83E73BA1B5B2}" = CCC Help Greek
"{DB2C5648-700D-4AEF-83E1-70C72F0C34FA}" = NI Math Kernel Libraries
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.19.365
"{DD0FDF02-6AA4-8C7D-AAB0-4C8C7207C0C1}" = CCC Help Japanese
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E0D5CB1C-7D35-709E-7F58-6CF6FFC3D6B7}" = Catalyst Control Center Graphics Previews Common
"{E43196CF-182A-4D9E-9CE7-69616DBEE3B0}" = Ad-Aware
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EB20F561-2AF5-0368-E353-AF093FBBADC2}" = CCC Help Norwegian
"{ECDE16E7-E3FC-F094-F14D-0326D03B9D96}" = Catalyst Control Center InstallProxy
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F38AF6F6-059C-C683-826F-00539526D86D}" = CCC Help Danish
"{FCD58710-F023-E26C-6373-79C72FED0B90}" = Catalyst Control Center Localization All
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FDB8EF7A-4118-4B27-8892-4FBE82729340}" = NI License Manager
"Adobe AIR" = Adobe AIR
"Adobe_b5ed30048e229c36945fd3d95860c0b" = Adobe Illustrator CS3
"Advanced RAR Password Recovery" = Advanced RAR Password Recovery (remove only)
"AIMP3" = AIMP3
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"Brink_is1" = Brink
"Cisco Packet Tracer 5.3.2_is1" = Cisco Packet Tracer 5.3.2
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Counter-Strike: Source" = Counter-Strike: Source
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"DotAlicious Gaming Client" = DotAlicious Gaming Client
"Driver San Francisco" = Driver San Francisco
"Easy CD-DA Extractor 12" = Easy CD-DA Extractor 12
"Easy CD-DA Extractor 15" = Easy CD-DA Extractor 15
"ePub to PDF Converter_is1" = ePub to PDF Converter 2.0.1
"FBReader for Windows" = FBReader for Windows
"FIFA 12 (c) EA_is1" = FIFA 12 (c) EA version 1
"Fraps" = Fraps
"Free SMTP Server_is1" = Free SMTP Server
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"GFWL_{53450FA2-E900-456E-9715-501000008200}" = Virtua Tennis 4™
"HC51 9.60PL0" = HI-TECH C51-lite V9.60PL0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Insane 2_is1" = Insane 2
"InstallShield_{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
"Kernel for PDF Restriction Removal_is1" = Kernel for PDF Restriction Removal ver 11.02.01
"Killing Floor" = Killing Floor
"LanShutDown_is1" = LanShutDown
"LastFM_is1" = Last.fm 1.5.4.27091
"Mozilla Firefox 6.0.1 (x86 cs)" = Mozilla Firefox 6.0.1 (x86 cs)
"NetCut_is1" = NetCut 2.1.4
"NI Uninstaller" = National Instruments Software
"PDF Unlocker - Demo Version 2.0_is1" = PDF Unlocker
"PICC 9.60PL0" = HI-TECH PICC lite V9.60PL0
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"Rage_is1" = Rage
"ReDynaMix HDR (Adobe Photoshop Plug-in)_is1" = DCETools - ReDynaMix HDR
"Rugby Challenge_is1" = Rugby Challenge
"Saints Row The Third_is1" = Saints Row The Third
"TeamViewer 6" = TeamViewer 6
"Totalcmd" = Total Commander (Remove or Repair)
"Trine 2_is1" = Trine 2
"Trucks & Trailers" = Trucks & Trailers 1.00
"VLC media player" = VLC media player 1.1.9
"Windows Grep_is1" = Windows Grep 2.3
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.6.1
"WordToPDF_is1" = WordToPDF v.2.1
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3462720487-3478806260-676090027-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12.1.2012 15:34:22 | Computer Name = Vasek-PC | Source = MySQL | ID = 100
Description = Native table 'performance_schema'.'events_waits_summary_by_instance'
has the wrong structure For more information, see Help and Support Center at http://www.mysql.com.
Error - 12.1.2012 15:34:22 | Computer Name = Vasek-PC | Source = MySQL | ID = 100
Description = Native table 'performance_schema'.'events_waits_summary_global_by_event_name'
has the wrong structure For more information, see Help and Support Center at http://www.mysql.com.
Error - 12.1.2012 15:34:22 | Computer Name = Vasek-PC | Source = MySQL | ID = 100
Description = Native table 'performance_schema'.'file_summary_by_event_name' has
the wrong structure For more information, see Help and Support Center at http://www.mysql.com.
Error - 12.1.2012 15:34:22 | Computer Name = Vasek-PC | Source = MySQL | ID = 100
Description = Native table 'performance_schema'.'file_summary_by_instance' has the
wrong structure For more information, see Help and Support Center at http://www.mysql.com.
Error - 12.1.2012 15:34:22 | Computer Name = Vasek-PC | Source = MySQL | ID = 100
Description = Native table 'performance_schema'.'mutex_instances' has the wrong
structure For more information, see Help and Support Center at http://www.mysql.com.
Error - 12.1.2012 15:34:22 | Computer Name = Vasek-PC | Source = MySQL | ID = 100
Description = Native table 'performance_schema'.'rwlock_instances' has the wrong
structure For more information, see Help and Support Center at http://www.mysql.com.
Error - 12.1.2012 15:34:22 | Computer Name = Vasek-PC | Source = MySQL | ID = 100
Description = Native table 'performance_schema'.'cond_instances' has the wrong structure
For
more information, see Help and Support Center at http://www.mysql.com.
Error - 12.1.2012 15:34:22 | Computer Name = Vasek-PC | Source = MySQL | ID = 100
Description = Native table 'performance_schema'.'file_instances' has the wrong structure
For
more information, see Help and Support Center at http://www.mysql.com.
Error - 13.1.2012 12:06:07 | Computer Name = Vasek-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 13.1.2012 12:08:57 | Computer Name = Vasek-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files (x86)\spybot - search
& destroy\DelZip179.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files (x86)\spybot - search & destroy\DelZip179.dll na řádku 8. Hodnota * atributu
language v prvku assemblyIdentity je neplatná.
[ System Events ]
Error - 29.7.2011 15:22:48 | Computer Name = Vasek-PC | Source = BTHUSB | ID = 327685
Description = Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel
ji.
Error - 29.7.2011 16:12:06 | Computer Name = Vasek-PC | Source = DCOM | ID = 10010
Description =
Error - 30.7.2011 4:49:52 | Computer Name = Vasek-PC | Source = BTHUSB | ID = 327685
Description = Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel
ji.
Error - 30.7.2011 4:49:56 | Computer Name = Vasek-PC | Source = BTHUSB | ID = 327685
Description = Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel
ji.
Error - 31.7.2011 2:23:43 | Computer Name = Vasek-PC | Source = BTHUSB | ID = 327685
Description = Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel
ji.
Error - 31.7.2011 2:23:47 | Computer Name = Vasek-PC | Source = BTHUSB | ID = 327685
Description = Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel
ji.
Error - 31.7.2011 2:43:54 | Computer Name = Vasek-PC | Source = DCOM | ID = 10010
Description =
Error - 6.8.2011 16:22:13 | Computer Name = Vasek-PC | Source = DCOM | ID = 10010
Description =
Error - 7.8.2011 15:53:14 | Computer Name = Vasek-PC | Source = DCOM | ID = 10010
Description =
Error - 8.8.2011 17:00:22 | Computer Name = Vasek-PC | Source = DCOM | ID = 10010
Description =
< End of report >
Re: Také FB virus
Cetl jste si pravidla fora ohledne pomoci s nelegalni SW 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Také FB virus
V tom případě se omlouvám, nelegální AVG odstraním.
Prosím, které Free řešení by jste doporučil ?
Prosím, které Free řešení by jste doporučil ?
Re: Také FB virus
A co samotny system W7, ten mate legalni
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Také FB virus
Bohužel nemám, stejně jako 80% domácností.
Bohužel, ceny jsou nastaveny tak vysoko, že zakoupení 3 licencí Windows 7 do domácnosti si prostě dovolit nemůžu.
Bohužel, ceny jsou nastaveny tak vysoko, že zakoupení 3 licencí Windows 7 do domácnosti si prostě dovolit nemůžu.
Re: Také FB virus
Kuk sem http://www.viry.cz/forum/viewtopic.php?f=12&t=115512 - nelze pomahat, bod 2... Existuji i free reseni - linux apod...a da se na licencich W7 i usterit - ruzne promo akce, licence pro studenty apod...Mate nejaky tedy navrh reseni
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Také FB virus
Návrh řešení ?
Bohužel, jak jsem psal, kupovat legální Windows 7, jen kvůli tomuto webu prostě nejspíše nepůjde, peněz je v dnešní době už tak málo.
Takže bohužel, jdu zkusit se s tím nějak vypořádat.
Přesto děkuji za snahu.
Bohužel, jak jsem psal, kupovat legální Windows 7, jen kvůli tomuto webu prostě nejspíše nepůjde, peněz je v dnešní době už tak málo.
Takže bohužel, jdu zkusit se s tím nějak vypořádat.
Přesto děkuji za snahu.
Naposledy upravil(a) dObi dne 14 led 2012 16:31, celkem upraveno 1 x.
Re: Také FB virus
No polecime to tedy, ale pokud budete priste zadat o pomoc s nelegalnim OS, bude pomoc odmitnuta - toto bude poznamenano v interni sekci radcu Pouzivate Firefox nebo G Chrome "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Také FB virus
Děkuji za ochotu.
Primárně používám jen Chrome, Firefox mám také nainstalován, ale zaplý mockrát nebyl.
Primárně používám jen Chrome, Firefox mám také nainstalován, ale zaplý mockrát nebyl.
Re: Také FB virus
v G Chrome odinstalujte tento doplnek Google Chrome Rozšíření 1.0.1
Odinstalujte AVG a pouzijte jeste remover http://download.avg.com/filedir/util/su ... 1_1184.exe Nainstalujte avast free http://www.avast.com/cs-cz/free-antivirus-download Doporucuji odinstalovat Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam
- Nahrady za Spybota:
- Samozrejme pouzivejte jen jeden z nich
- Osobne doporucuji SuperAntiSpyware
Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
- Ukoncete vsechny programy
- Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
- Zvolte moznost 2 a potvrte enterem
- Utilita provede svou cinnost a da log - ten sem vlozte
- Nyni znovu, ale zvolte moznost 3 a pote jeste 4 - logy opet vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Také FB virus
Volba 2
RogueKiller V6.2.4 [01/12/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Vasek [Admin rights]
Mode: Remove -- Date : 01/14/2012 16:53:52
¤¤¤ Bad processes: 0 ¤¤¤
¤¤¤ Registry Entries: 11 ¤¤¤
[SUSP PATH] {231D171C-07E1-4AB5-8284-A0C062C2348E}.job : C:\Users\Vasek\Desktop\WinQSB2.0\SETUP.EXE -> DELETED
[SUSP PATH] {2545CFE4-46AC-4CC2-A277-4D72970EA4A5}.job : C:\Users\Vasek\Desktop\WinQSB2.0\SETUP.EXE -> DELETED
[SUSP PATH] {34F81F4A-07C4-4D23-A7B2-41998AF3001E}.job : C:\Users\Vasek\Desktop\Xilinx 10.1\webpack\setup.exe -> DELETED
[SUSP PATH] {5BCDAB0C-D848-4332-9066-9852BA5382D1}.job : C:\Users\Vasek\Desktop\WinQSB2.0\SETUP.EXE -> DELETED
[SUSP PATH] {C149A493-52CD-4D13-BA80-E8F20AA57A22}.job : C:\Users\Vasek\Desktop\WinQSB2.0\SETUP.EXE -> DELETED
[SUSP PATH] {E0BC5BEF-F997-4204-8ABA-9022B4823A00}.job : C:\Users\Vasek\Desktop\Xilinx 10.1\webpack\setup.exe -> DELETED
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (87.117.135.86:80) -> NOT REMOVED, USE PROXYFIX
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 4b73eb67dd6440818e44b73e3b58e95a
[BSP] 6b853518c93cc7b396b234b516b53568 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 104 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 206848 | Size: 164587 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: +++++
--- User ---
[MBR] 3173f570502006029c47d5bab101222c
[BSP] 1f6344041d127a0d552846b6ed3f8ed6 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 104 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 206848 | Size: 1000097 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1].txt >>
RKreport[1].txt
RogueKiller V6.2.4 [01/12/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Vasek [Admin rights]
Mode: Remove -- Date : 01/14/2012 16:53:52
¤¤¤ Bad processes: 0 ¤¤¤
¤¤¤ Registry Entries: 11 ¤¤¤
[SUSP PATH] {231D171C-07E1-4AB5-8284-A0C062C2348E}.job : C:\Users\Vasek\Desktop\WinQSB2.0\SETUP.EXE -> DELETED
[SUSP PATH] {2545CFE4-46AC-4CC2-A277-4D72970EA4A5}.job : C:\Users\Vasek\Desktop\WinQSB2.0\SETUP.EXE -> DELETED
[SUSP PATH] {34F81F4A-07C4-4D23-A7B2-41998AF3001E}.job : C:\Users\Vasek\Desktop\Xilinx 10.1\webpack\setup.exe -> DELETED
[SUSP PATH] {5BCDAB0C-D848-4332-9066-9852BA5382D1}.job : C:\Users\Vasek\Desktop\WinQSB2.0\SETUP.EXE -> DELETED
[SUSP PATH] {C149A493-52CD-4D13-BA80-E8F20AA57A22}.job : C:\Users\Vasek\Desktop\WinQSB2.0\SETUP.EXE -> DELETED
[SUSP PATH] {E0BC5BEF-F997-4204-8ABA-9022B4823A00}.job : C:\Users\Vasek\Desktop\Xilinx 10.1\webpack\setup.exe -> DELETED
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (87.117.135.86:80) -> NOT REMOVED, USE PROXYFIX
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 4b73eb67dd6440818e44b73e3b58e95a
[BSP] 6b853518c93cc7b396b234b516b53568 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 104 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 206848 | Size: 164587 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: +++++
--- User ---
[MBR] 3173f570502006029c47d5bab101222c
[BSP] 1f6344041d127a0d552846b6ed3f8ed6 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 104 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 206848 | Size: 1000097 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1].txt >>
RKreport[1].txt
Přispějete na provoz fóra?