VIRY.CZ

Dobrý den, prosím o kontrolu logu pc mi 2-3 za hodinu zamrzne a musím restartovat a strašně se zpomalil toto trvá cca 1 měsíc.
Používám internet banking tak se obávám abych neměl napaden pc. Používám legální antivir norton internet security
Zatím předem děkuji. Lesak Cheb


zde přikládám log

Logfile of random's system information tool 1.09 (written by random/random)
Run by LesakMyBox at 2012-06-15 21:38:26
Microsoft Windows 7 Home Premium
System drive C: has 236 GB (51%) free of 464 GB
Total RAM: 3999 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:38:42, on 15.6.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.17006)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
C:\Program Files\trend micro\LesakMyBox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=6826
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" (file missing)
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13789 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
taskeng.exe {1242BA83-674D-48A4-98A0-73B2DAB433A7}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
"C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\diMaster.dll" /prefetch:1
C:\Windows\system32\svchost.exe -k regsvc
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\svchost.exe -k bthsvcs
WLIDSvcM.exe 1796
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe" /c /a /s UserSession2
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Java\jre6\bin\jusched.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe" /Start
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{A2F80038-CEB4-41C3-82C1-8597727C934C}
{5E436FCB-80D2-423A-939E-AF722AF62689}
{BAB98FAA-93E0-4E83-A6E9-93A3EDCC1878}
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><ID>27444</ID><Title>HP Wireless Assistant</Title><Text>Zařízení WLAN : Zapnuto
Rozhraní Bluetooth(r): Zapnuto</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\images\wireless_on.ico</IconPath><Path>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe</Path><Parameters>SHOWSTATUS</Parameters></Toast></hpNotification>"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {F6CC0213-28BA-458B-BB54-A9E119DF9878}
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3220.b7dd4c0.790666976 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 3220 "\\.\pipe\gecko-crash-server-pipe.3220" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe" --proxy-stub-channel=Flash3332.705DEFA0.41 --host-broker-channel=Flash3332.705DEFA0.18467 --host-pid=3332 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe" --channel=2880.0040F22C.1546292311 --proxy-stub-channel=Flash3332.705DEFA0.41 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
wmiadap.exe /F /T /R
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Users\LesakMyBox\Desktop\Download Net\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\HPCeeScheduleForLesakMyBox.job

=========Mozilla firefox=========

ProfilePath - C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "searchsettings@spigot.com:1.2.3, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, cs@dictionaries.addons.mozilla.org:1.0.2, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =937811&p="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.257 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33]
"Description"=
"Path"=C:\Windows\SysWOW64\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.257 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\
cs@dictionaries.addons.mozilla.org
toolbar@ask.com
yasearch@yandex.ru

C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\searchplugins\
askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-28 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10 1307928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll [2012-05-10 502200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\IPS\IPSBHO.DLL [2012-03-29 210360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-06-07 329480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-01-03 1514152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-06-07 59144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YouTube Downloader Toolbar - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll [2012-05-25 1125256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll [2012-05-10 502200]
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10 1307928]
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - YouTube Downloader Toolbar - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll [2012-05-25 1125256]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-01-03 1514152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 2096424]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-28 171520]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-11 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-11 387608]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-11 365592]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-23 487424]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-12-21 1483264]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-08-20 322104]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2009-09-02 60464]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
""= []
"SearchSettings"=C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2012-05-25 992648]
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2012-01-03 1391272]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-27 259584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2009-11-28 52272]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0
"DisableStatusMessages"=0
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
"NoFolderOptions"=0
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-06-15 18:32:59 ----D---- C:\Program Files (x86)\Ask.com
2012-06-15 18:22:30 ----D---- C:\ProgramData\Ask
2012-06-15 18:21:56 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-06-15 18:21:56 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-06-15 18:21:56 ----A---- C:\Windows\SYSWOW64\java.exe
2012-06-14 14:52:01 ----A---- C:\Windows\system32\jscript.dll
2012-06-14 14:52:00 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-06-14 14:51:57 ----A---- C:\Windows\system32\ieframe.dll
2012-06-14 14:51:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-06-14 14:51:52 ----A---- C:\Windows\system32\mshtml.dll
2012-06-14 14:51:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-06-14 14:51:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-06-14 14:51:46 ----A---- C:\Windows\system32\msfeeds.dll
2012-06-14 14:51:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-06-14 14:51:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-06-14 14:51:45 ----A---- C:\Windows\system32\mshtmled.dll
2012-06-14 14:51:44 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-06-14 14:51:44 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-06-14 14:51:44 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2012-06-14 14:51:44 ----A---- C:\Windows\system32\wininet.dll
2012-06-14 14:51:44 ----A---- C:\Windows\system32\urlmon.dll
2012-06-14 14:51:44 ----A---- C:\Windows\system32\iedkcs32.dll
2012-06-14 14:51:43 ----A---- C:\Windows\SYSWOW64\mstime.dll
2012-06-14 14:51:43 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2012-06-14 14:51:43 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2012-06-14 14:51:43 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-06-14 14:51:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-06-14 14:51:43 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2012-06-14 14:51:43 ----A---- C:\Windows\system32\mstime.dll
2012-06-14 14:51:43 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-06-14 14:51:43 ----A---- C:\Windows\system32\licmgr10.dll
2012-06-14 14:51:43 ----A---- C:\Windows\system32\jsproxy.dll
2012-06-14 14:51:43 ----A---- C:\Windows\system32\ieui.dll
2012-06-14 14:51:43 ----A---- C:\Windows\system32\iertutil.dll
2012-06-14 14:51:43 ----A---- C:\Windows\system32\iepeers.dll
2012-06-14 14:51:42 ----A---- C:\Windows\SYSWOW64\url.dll
2012-06-14 14:51:42 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2012-06-14 14:51:42 ----A---- C:\Windows\system32\url.dll
2012-06-14 14:51:42 ----A---- C:\Windows\system32\msfeedssync.exe
2012-06-14 14:51:38 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-14 14:51:38 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-14 14:51:38 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-14 14:51:37 ----A---- C:\Windows\system32\profsvc.dll
2012-06-14 14:51:29 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-06-14 14:51:28 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-06-14 14:51:27 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-06-14 14:51:24 ----A---- C:\Windows\system32\win32k.sys
2012-06-14 14:51:23 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-14 14:50:58 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-06-14 14:50:58 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-06-14 14:50:58 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-06-14 14:50:58 ----A---- C:\Windows\system32\cryptsvc.dll
2012-06-14 14:50:58 ----A---- C:\Windows\system32\cryptnet.dll
2012-06-14 14:50:58 ----A---- C:\Windows\system32\crypt32.dll
2012-06-14 14:50:48 ----A---- C:\Windows\system32\msi.dll
2012-06-14 14:50:47 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-05-29 17:22:14 ----D---- C:\Program Files (x86)\Application Updater
2012-05-29 17:22:13 ----D---- C:\Program Files (x86)\YouTube Downloader Toolbar
2012-05-29 17:21:38 ----D---- C:\ProgramData\YTD YouTube Downloader & Converter

======List of files/folders modified in the last 1 month======

2012-06-15 21:38:30 ----D---- C:\Program Files\trend micro
2012-06-15 21:38:07 ----D---- C:\Windows\Temp
2012-06-15 21:35:27 ----SHD---- C:\System Volume Information
2012-06-15 21:32:35 ----HD---- C:\ProgramData
2012-06-15 21:32:35 ----A---- C:\ProgramData\HPWALog.txt
2012-06-15 21:32:14 ----D---- C:\Windows\inf
2012-06-15 21:32:00 ----D---- C:\Windows
2012-06-15 21:31:10 ----D---- C:\Windows\system32\config
2012-06-15 20:59:53 ----D---- C:\Windows\System32
2012-06-15 20:59:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-15 20:58:01 ----D---- C:\Windows\debug
2012-06-15 20:48:13 ----D---- C:\Windows\SysWOW64
2012-06-15 20:48:10 ----D---- C:\Windows\winsxs
2012-06-15 18:58:17 ----D---- C:\Windows\Microsoft.NET
2012-06-15 18:57:40 ----RSD---- C:\Windows\assembly
2012-06-15 18:33:13 ----SHD---- C:\Windows\Installer
2012-06-15 18:33:03 ----D---- C:\Windows\system32\Tasks
2012-06-15 18:32:59 ----RD---- C:\Program Files (x86)
2012-06-15 18:21:41 ----D---- C:\Program Files (x86)\Java
2012-06-15 18:10:24 ----SD---- C:\Users\LesakMyBox\AppData\Roaming\Microsoft
2012-06-15 18:09:55 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-06-15 18:09:54 ----D---- C:\Windows\Prefetch
2012-06-15 18:06:29 ----D---- C:\Windows\SYSWOW64\migration
2012-06-15 18:06:29 ----D---- C:\Windows\system32\migration
2012-06-15 18:06:29 ----D---- C:\Program Files (x86)\Internet Explorer
2012-06-15 18:06:28 ----D---- C:\Program Files\Internet Explorer
2012-06-15 18:06:27 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-06-15 18:06:27 ----D---- C:\Windows\system32\drivers
2012-06-15 18:06:26 ----D---- C:\Windows\system32\cs-CZ
2012-06-15 17:50:38 ----D---- C:\ProgramData\Microsoft Help
2012-06-15 17:38:49 ----D---- C:\Windows\Tasks
2012-06-15 17:38:13 ----A---- C:\Windows\system32\MRT.exe
2012-06-15 17:36:28 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2012-06-15 17:25:02 ----D---- C:\Users\LesakMyBox\AppData\Roaming\skypePM
2012-06-14 14:50:39 ----D---- C:\Windows\system32\catroot2
2012-06-14 14:50:39 ----D---- C:\Windows\system32\catroot
2012-06-11 19:32:37 ----D---- C:\Users\LesakMyBox\AppData\Roaming\Skype
2012-05-29 17:22:13 ----D---- C:\Program Files (x86)\Common Files
2012-05-29 17:21:32 ----D---- C:\ProgramData\YouTube Downloader
2012-05-29 17:21:28 ----D---- C:\Program Files (x86)\YouTube Downloader
2012-05-28 17:46:48 ----D---- C:\Program Files (x86)\CCleaner
2012-05-24 16:16:54 ----D---- C:\Windows\system32\drivers\NISx64
2012-05-16 17:35:51 ----D---- C:\Program Files (x86)\Microsoft
2012-05-16 17:35:27 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS [2011-08-16 451192]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS [2012-03-29 1092728]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20120531.001\BHDrvx64.sys [2012-04-03 1160824]
R1 ccSet_NIS;Norton Internet Security Settings Manager; C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys [2011-11-30 167048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-22 279616]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2012-05-31 484512]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20120613.007\IDSvia64.sys [2012-06-13 488568]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1307010.005\SRTSPX64.SYS [2012-03-29 37496]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS [2012-03-29 190072]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NISx64\1307010.005\SYMNETS.SYS [2012-03-29 405624]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-09-21 1484800]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-09-17 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-09-17 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-09-17 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-09-17 21160]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-06-01 138912]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-08-27 7369600]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-10 139264]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20120614.032\ENG64.SYS [2012-06-15 120440]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20120614.032\EX64.SYS [2012-06-15 2068600]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-02 187392]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1307010.005\SRTSP64.SYS [2012-03-29 737912]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2012-03-27 175736]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 320560]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552448]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-12-02 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-07-30 26624]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-09-02 225280]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2009-10-10 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-12-02 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2010-12-02 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2012-05-25 785344]
R2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-09-04 873248]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe [2012-03-28 138232]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [2010-03-23 247808]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-15 257224]
S3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2009-06-06 250616]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-03 129976]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-20 1255736]
S4 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S4 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-07-06 247152]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Zdravim

Na logu se pracuje, bude to nejakou dobu trvat

Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe a ulozte nejlepe na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem files) Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)




Pak udelejte uplnou kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Dobrý den, zde vkládám log ....PC je teď extrémně pomalí otvírání oken trvá strašně dlouho.

All processes killed
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components folder moved successfully.
C:\Program Files (x86)\Common Files\Spigot\wtxpcom folder moved successfully.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\Res folder moved successfully.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang folder moved successfully.
C:\Program Files (x86)\Common Files\Spigot\Search Settings folder moved successfully.
C:\Program Files (x86)\Common Files\Spigot\GC folder moved successfully.
C:\Program Files (x86)\Common Files\Spigot folder moved successfully.
C:\Program Files (x86)\Ask.com\Updater folder moved successfully.
C:\Program Files (x86)\Ask.com\assets\oobe folder moved successfully.
C:\Program Files (x86)\Ask.com\assets folder moved successfully.
C:\Program Files (x86)\Ask.com folder moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\HPCeeScheduleForLesakMyBox.job moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\toolbar@ask.com folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\searchplugins\askcom.xml moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{eec0f710-38b5-4aba-99bf-ec87564a4e13} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\IgfxTray not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Persistence not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PC Suite Tray deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\BCSSync deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
========== SERVICES/DRIVERS ==========
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
Service BBSvc stopped successfully!
Service BBSvc deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service BBUpdate stopped successfully!
Service BBUpdate deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LesakMyBox
->Temp folder emptied: 2738096 bytes
->Temporary Internet Files folder emptied: 314476 bytes
->Java cache emptied: 9016053 bytes
->FireFox cache emptied: 70159075 bytes
->Google Chrome cache emptied: 5050736 bytes
->Flash cache emptied: 1304 bytes

User: NET
->Temp folder emptied: 34687 bytes
->Temporary Internet Files folder emptied: 399752 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 3548707 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 58327724 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 66891 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 143,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: LesakMyBox
->Flash cache emptied: 0 bytes

User: NET

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.19.0 log created on 06162012_094131

Files moved on Reboot...
C:\Users\LesakMyBox\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

ZDE úplná kontrola s MBAM

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.06.16.01

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
LesakMyBox :: NOTEBOOKHP [administrátor]

16.6.2012 9:48:35
mbam-log-2012-06-16 (11-23-08).txt

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 463062
Uplynulý čas: 1 hodin, 29 minut, 15 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0


(konec)

MBAM zase odinstalujte



Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

OTL logfile created on: 16.6.2012 14:03:25 - Run 2
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\LesakMyBox\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,91 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 55,21% Memory free
7,81 Gb Paging File | 6,15 Gb Available in Paging File | 78,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,69 Gb Total Space | 229,23 Gb Free Space | 50,64% Space Free | Partition Type: NTFS
Drive D: | 12,88 Gb Total Space | 2,15 Gb Free Space | 16,67% Space Free | Partition Type: NTFS

Computer Name: NOTEBOOKHP | User Name: LesakMyBox | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.06.16 13:10:20 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\LesakMyBox\Desktop\OTL.exe
PRC - [2012.05.03 20:58:00 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.03.28 01:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccsvchst.exe
PRC - [2011.03.28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2009.09.04 14:35:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe


========== Modules (No Company Name) ==========

MOD - [2012.05.03 20:58:00 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009.08.20 13:35:48 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2009.08.20 13:35:46 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2009.08.20 13:35:46 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.03.23 15:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009.09.04 14:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.03.02 19:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
SRV - [2012.05.03 20:58:00 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.28 01:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe -- (NIS)
SRV - [2011.06.21 15:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011.03.28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010.12.08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.03.23 15:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe -- (STacSV)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.06 02:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009.03.02 19:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.03.29 08:28:38 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1307010.005\symnets.sys -- (SymNetS)
DRV:64bit: - [2012.03.29 08:28:30 | 001,092,728 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1307010.005\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012.03.29 08:06:25 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1307010.005\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012.03.29 08:03:27 | 000,737,912 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1307010.005\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012.03.29 08:03:27 | 000,037,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1307010.005\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2012.03.27 20:02:51 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.22 20:01:15 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.11.30 00:44:29 | 000,167,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1307010.005\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2011.08.16 00:51:40 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1307010.005\symds64.sys -- (SymDS)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.02 12:14:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2010.12.02 12:14:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.12.02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.09.23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.07.30 14:18:00 | 000,026,624 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010.05.27 23:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.03.23 15:53:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009.10.10 04:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.09.21 20:47:14 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.09.17 22:56:24 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.09.17 22:56:16 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.09.17 22:56:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.09.17 22:56:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.09.02 19:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.08.27 18:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009.07.10 16:45:12 | 000,139,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.29 09:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009.03.02 00:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2012.06.15 17:35:42 | 002,068,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20120614.032\ex64.sys -- (NAVEX15)
DRV - [2012.06.15 17:35:42 | 000,120,440 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20120614.032\eng64.sys -- (NAVENG)
DRV - [2012.06.13 19:06:38 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20120613.007\IDSviA64.sys -- (IDSVia64)
DRV - [2012.06.01 07:16:58 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012.05.31 18:13:12 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012.04.03 01:38:04 | 001,160,824 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20120531.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009.09.02 19:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [1999.09.10 13:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\ASPI32.SYS -- (ASPI32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {95CD0354-CA17-4DE6-9698-77B9BDADED5B}
IE:64bit: - HKLM\..\SearchScopes\{95CD0354-CA17-4DE6-9698-77B9BDADED5B}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {95CD0354-CA17-4DE6-9698-77B9BDADED5B}
IE - HKLM\..\SearchScopes\{95CD0354-CA17-4DE6-9698-77B9BDADED5B}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=6826
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes,DefaultScope = {9535AF12-1192-44A8-A8BA-E0F414F5B3D2}
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}: "URL" = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}: "URL" = http://www.mapy.cz/?query={searchTerms} ... earch_6826
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcso ... earch_6826
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes\{9535AF12-1192-44A8-A8BA-E0F414F5B3D2}: "URL" = http://us.yhs4.search.yahoo.com/yhs/sea ... earchTerms}
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes\{95CD0354-CA17-4DE6-9698-77B9BDADED5B}: "URL" = http://search.seznam.cz/?q={searchTerms ... earch_6826
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes\{DA787B7A-141D-4D43-BD61-EAC6087B3563}: "URL" = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes\{E41F9848-5534-47C6-82EE-DBB2DDFF13B0}: "URL" = http://websearch.ask.com/redirect?clien ... 054412A1DB
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ [2012.03.17 19:49:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ [2012.06.16 12:59:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.03 20:58:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.09 19:42:28 | 000,000,000 | ---D | M]

[2010.12.27 22:01:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Extensions
[2010.12.27 20:46:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Extensions\Coder Preset
[2010.12.27 21:09:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Extensions\MediaCoder
[2010.12.27 22:01:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Extensions\MediaCoder-Setup-Wizard
[2012.06.16 09:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions
[2010.09.17 17:53:14 | 000,000,000 | ---D | M] (České slovníky pro kontrolu pravopisu) -- C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\cs@dictionaries.addons.mozilla.org
[2012.05.15 18:54:04 | 000,000,000 | ---D | M] (Yandex.Bar) -- C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\yasearch@yandex.ru
[2012.06.15 18:21:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.08.26 19:11:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012.05.09 19:42:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
[2012.06.15 18:21:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.05.03 20:58:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.11 20:09:12 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.01.11 20:09:12 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.09.21 19:12:21 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2012.01.11 20:09:12 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.01.11 20:09:12 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.01.11 20:09:12 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: YouTube = C:\Users\LesakMyBox\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\LesakMyBox\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Gmail = C:\Users\LesakMyBox\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2012.06.16 09:42:07 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-43112493-3568498617-3430726471-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B5DB1D6-945A-4D98-B4BD-FCC5CC0215E2}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8c66e94e-2c6f-11e1-9e34-0027139b2c66}\Shell - "" = AutoRun
O33 - MountPoints2\{8c66e94e-2c6f-11e1-9e34-0027139b2c66}\Shell\AutoRun\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{8c66e94e-2c6f-11e1-9e34-0027139b2c66}\Shell\configure\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{8c66e94e-2c6f-11e1-9e34-0027139b2c66}\Shell\install\command - "" = G:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.06.16 13:04:29 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\LesakMyBox\Desktop\OTL.exe
[2012.06.16 09:41:31 | 000,000,000 | ---D | C] -- C:\_OTM
[2012.06.16 09:39:10 | 000,523,264 | ---- | C] (OldTimer Tools) -- C:\Users\LesakMyBox\Desktop\OTM.exe
[2012.06.15 18:22:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012.06.15 18:21:56 | 000,157,448 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.06.15 18:21:56 | 000,149,256 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.06.15 18:21:56 | 000,149,256 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.06.15 18:10:24 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\AppData\Local\Macromedia
[2012.06.14 14:52:01 | 000,851,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.06.14 14:52:00 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.06.14 14:51:46 | 000,736,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.06.14 14:51:45 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.06.14 14:51:44 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.06.14 14:51:43 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.06.14 14:51:43 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.06.14 14:51:43 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.06.14 14:51:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.06.14 14:51:43 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.06.14 14:51:43 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.06.14 14:51:42 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.06.14 14:51:42 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.06.14 14:51:42 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.06.14 14:51:42 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.06.14 14:51:42 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.06.14 14:51:42 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.06.14 14:51:38 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.06.14 14:51:38 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.06.14 14:51:38 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.06.14 14:51:29 | 005,505,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.06.14 14:51:28 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.06.14 14:51:27 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.06.14 14:50:58 | 001,460,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.06.14 14:50:58 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.06.14 14:50:48 | 003,213,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.06.13 18:04:43 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\Desktop\2012-06-13 Osvedceni zakonik prace
[2012.06.13 18:02:45 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\Desktop\2012-06-13 Certifikat obsluha PC
[2012.06.08 19:16:30 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\Desktop\5555
[2012.06.06 12:59:06 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\Desktop\201206
[2012.06.03 19:32:47 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\AppData\Local\{D91BBC5F-1918-4E58-B9B5-E4177CDEC0F0}
[2012.06.03 11:53:04 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\Desktop\slozka dddd
[2012.05.29 17:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2012.05.29 17:22:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YouTube Downloader Toolbar
[2012.05.29 17:21:38 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD YouTube Downloader & Converter
[2012.05.29 17:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD YouTube Downloader & Converter
[2012.05.26 09:23:07 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
[2012.05.21 17:35:57 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\AppData\Local\{33BBC9C6-0D26-4870-8E43-F9B8863963F9}
[2012.05.18 17:51:41 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\Desktop\Pinnacle Studio 14
[1 C:\Users\LesakMyBox\*.tmp files -> C:\Users\LesakMyBox\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.06.16 13:15:47 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.06.16 13:10:20 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\LesakMyBox\Desktop\OTL.exe
[2012.06.16 13:05:48 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.16 13:05:48 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.16 13:03:29 | 001,470,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.16 13:03:29 | 000,631,526 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.06.16 13:03:29 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.16 13:03:29 | 000,122,148 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.06.16 13:03:29 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.16 12:58:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.16 12:58:25 | 3144,880,128 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.16 09:42:07 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012.06.16 09:39:12 | 000,523,264 | ---- | M] (OldTimer Tools) -- C:\Users\LesakMyBox\Desktop\OTM.exe
[2012.06.15 20:40:39 | 000,132,801 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\kuchyn stul.jpg
[2012.06.15 20:18:02 | 000,043,744 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\malba fialova.jpg
[2012.06.15 18:09:55 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.06.15 18:09:55 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.06.15 18:08:36 | 000,460,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.14 14:50:39 | 002,165,481 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1307010.005\Cat.DB
[2012.06.13 18:24:39 | 001,014,070 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\Certifikat3.jpg
[2012.06.13 18:04:06 | 000,182,907 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\Osvedceni zakonik prace 001.jpg
[2012.06.13 18:02:02 | 000,257,079 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\Certifikat obsluha PC 001.jpg
[2012.06.08 19:57:24 | 000,811,306 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\08.06.2012 Bonětice.jpg
[2012.06.08 15:10:50 | 000,572,982 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\08.06.2012.jpg
[2012.06.06 20:08:53 | 000,065,033 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\kuchyn pecka 3.jpg
[2012.06.06 20:08:02 | 000,085,607 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\kuchyn pecka 2.jpg
[2012.06.04 20:33:15 | 000,066,714 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\uz nikdy nepujdu ven.jpg
[2012.06.03 21:35:10 | 000,288,309 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\Skalka-Ohre2.jpg
[2012.06.03 21:34:13 | 000,267,874 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\Skalka-Ohre3.jpg
[2012.06.03 21:03:03 | 000,067,932 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\FChebAkc_05.jpg
[2012.06.03 21:02:53 | 000,075,059 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\PChebAkc_03.jpg
[2012.06.03 21:02:19 | 000,044,715 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\FChebAkc_02.jpg
[2012.06.03 21:02:04 | 000,054,428 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\FChebAkc_01.jpg
[2012.06.03 21:01:36 | 000,041,913 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\chheb pivovar.jpg
[2012.06.03 20:24:29 | 000,088,592 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1302839166_00001000300020001000200010001000500010079.jpg
[2012.06.03 20:24:09 | 000,089,049 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1302839166_00001000300020001000200010001000500010076.jpg
[2012.06.03 20:23:42 | 000,087,240 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1302839164_00001000300020001000200010001000500010067.jpg
[2012.06.03 20:23:24 | 000,131,267 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1302839163_00001000300020001000200010001000500010065.jpg
[2012.06.03 20:22:39 | 000,065,994 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\nadrazi.jpg
[2012.06.03 20:21:12 | 000,108,956 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\chheb skalka.jpg
[2012.06.03 20:20:42 | 000,111,232 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\cheb lenin.jpg
[2012.06.03 20:16:37 | 000,067,242 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\muj panelak.jpg
[2012.06.03 20:15:12 | 000,058,715 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1264426825_img_0098.jpg
[2012.06.03 20:14:08 | 000,064,817 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1264426823_img_0089.jpg
[2012.06.03 20:12:04 | 000,103,618 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\jesenicka prehrada cheb.jpg
[2012.06.03 20:10:32 | 000,092,791 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1264426630_img_0063.jpg
[2012.06.03 20:09:40 | 000,100,474 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\bazen.jpg
[2012.06.03 20:07:58 | 000,103,451 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\panelak muj cheb.jpg
[2012.06.03 20:06:44 | 000,121,763 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\nadrazi 3.jpg
[2012.06.03 20:05:27 | 000,109,608 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1264426626_img_0046.jpg
[2012.06.03 20:04:18 | 000,095,438 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1264426372_img_0039.jpg
[2012.06.03 20:02:43 | 000,092,075 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\cheb posta.jpg
[2012.06.03 20:02:03 | 000,091,680 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\pohlednice cheb 2.jpg
[2012.06.03 20:01:34 | 000,089,357 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\pohlednice cheb.jpg
[2012.06.03 20:00:52 | 000,095,472 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\cheb zima.jpg
[2012.06.03 19:58:18 | 000,076,175 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\cheb divadlo.jpg
[2012.06.03 19:57:53 | 000,045,437 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1302838490_00001000300020001000200010001000500010001.jpg
[2012.06.03 19:57:23 | 000,052,740 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\cheb skalka.jpg
[2012.06.03 19:56:51 | 000,067,705 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\hotel hradni dvur cheb.jpg
[2012.06.03 19:36:26 | 000,051,830 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\zchátralý klášterní kostel Nalezení sv. Kříže - duben 2012.jpg
[2012.06.03 19:36:11 | 000,023,597 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\věž klášterního kostela Nalezení sv. Kříže v době kolem roku 1965.jpg
[2012.06.03 19:35:45 | 000,032,347 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\interiér klášterního kostela Nalezení sv. Kříže před rokem 1945.jpg
[2012.06.03 19:35:03 | 000,028,104 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\klášterní kostel Nalezení sv. Kříže 1945.jpg
[2012.06.03 18:01:48 | 000,083,980 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\Starý Chebský most a vzhled původního Horního nádraží.jpg
[2012.06.01 19:29:06 | 018,613,688 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\01.06.2012 Zdenda & peso.mp4
[2012.05.29 21:09:01 | 000,025,088 | ---- | M] () -- C:\Users\LesakMyBox\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.29 17:21:30 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\YTD YouTube Downloader & Converter.lnk
[2012.05.29 16:36:08 | 000,209,254 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\vypustena skalka 3 .jpg
[2012.05.29 16:35:56 | 000,202,860 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\vypustena skalka 2 .jpg
[2012.05.29 16:35:36 | 000,236,680 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\vypustena skalka.jpg
[2012.05.27 20:44:45 | 000,092,639 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\autob.nadrazi cheb.jpg
[2012.05.27 11:09:38 | 000,045,587 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\541145_10150958660619603_723974602_12010251_795161882_n.jpg
[2012.05.24 16:16:48 | 000,002,492 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012.05.24 16:15:54 | 000,008,942 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1307010.005\VT20120410.034
[1 C:\Users\LesakMyBox\*.tmp files -> C:\Users\LesakMyBox\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.06.16 13:15:47 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.06.15 20:40:38 | 000,132,801 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\kuchyn stul.jpg
[2012.06.15 20:18:00 | 000,043,744 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\malba fialova.jpg
[2012.06.13 18:24:39 | 001,014,070 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\Certifikat3.jpg
[2012.06.13 18:04:06 | 000,182,907 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\Osvedceni zakonik prace 001.jpg
[2012.06.13 18:02:02 | 000,257,079 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\Certifikat obsluha PC 001.jpg
[2012.06.08 19:57:18 | 000,811,306 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\08.06.2012 Bonětice.jpg
[2012.06.08 15:10:46 | 000,572,982 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\08.06.2012.jpg
[2012.06.06 20:08:53 | 000,065,033 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\kuchyn pecka 3.jpg
[2012.06.06 20:08:01 | 000,085,607 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\kuchyn pecka 2.jpg
[2012.06.04 20:33:13 | 000,066,714 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\uz nikdy nepujdu ven.jpg
[2012.06.03 21:35:10 | 000,288,309 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\Skalka-Ohre2.jpg
[2012.06.03 21:34:13 | 000,267,874 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\Skalka-Ohre3.jpg
[2012.06.03 21:03:03 | 000,067,932 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\FChebAkc_05.jpg
[2012.06.03 21:02:53 | 000,075,059 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\PChebAkc_03.jpg
[2012.06.03 21:02:18 | 000,044,715 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\FChebAkc_02.jpg
[2012.06.03 21:02:03 | 000,054,428 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\FChebAkc_01.jpg
[2012.06.03 21:01:36 | 000,041,913 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\chheb pivovar.jpg
[2012.06.03 20:24:29 | 000,088,592 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1302839166_00001000300020001000200010001000500010079.jpg
[2012.06.03 20:24:08 | 000,089,049 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1302839166_00001000300020001000200010001000500010076.jpg
[2012.06.03 20:23:42 | 000,087,240 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1302839164_00001000300020001000200010001000500010067.jpg
[2012.06.03 20:23:24 | 000,131,267 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1302839163_00001000300020001000200010001000500010065.jpg
[2012.06.03 20:22:39 | 000,065,994 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\nadrazi.jpg
[2012.06.03 20:21:11 | 000,108,956 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\chheb skalka.jpg
[2012.06.03 20:20:42 | 000,111,232 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\cheb lenin.jpg
[2012.06.03 20:16:37 | 000,067,242 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\muj panelak.jpg
[2012.06.03 20:15:12 | 000,058,715 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1264426825_img_0098.jpg
[2012.06.03 20:14:07 | 000,064,817 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1264426823_img_0089.jpg
[2012.06.03 20:12:03 | 000,103,618 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\jesenicka prehrada cheb.jpg
[2012.06.03 20:10:32 | 000,092,791 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1264426630_img_0063.jpg
[2012.06.03 20:09:39 | 000,100,474 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\bazen.jpg
[2012.06.03 20:07:57 | 000,103,451 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\panelak muj cheb.jpg
[2012.06.03 20:06:44 | 000,121,763 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\nadrazi 3.jpg
[2012.06.03 20:05:26 | 000,109,608 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1264426626_img_0046.jpg
[2012.06.03 20:04:17 | 000,095,438 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1264426372_img_0039.jpg
[2012.06.03 20:02:43 | 000,092,075 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\cheb posta.jpg
[2012.06.03 20:02:03 | 000,091,680 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\pohlednice cheb 2.jpg
[2012.06.03 20:01:33 | 000,089,357 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\pohlednice cheb.jpg
[2012.06.03 20:00:52 | 000,095,472 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\cheb zima.jpg
[2012.06.03 19:58:18 | 000,076,175 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\cheb divadlo.jpg
[2012.06.03 19:57:53 | 000,045,437 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1302838490_00001000300020001000200010001000500010001.jpg
[2012.06.03 19:57:22 | 000,052,740 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\cheb skalka.jpg
[2012.06.03 19:56:50 | 000,067,705 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\hotel hradni dvur cheb.jpg
[2012.06.03 19:36:25 | 000,051,830 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\zchátralý klášterní kostel Nalezení sv. Kříže - duben 2012.jpg
[2012.06.03 19:36:10 | 000,023,597 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\věž klášterního kostela Nalezení sv. Kříže v době kolem roku 1965.jpg
[2012.06.03 19:35:44 | 000,032,347 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\interiér klášterního kostela Nalezení sv. Kříže před rokem 1945.jpg
[2012.06.03 19:35:03 | 000,028,104 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\klášterní kostel Nalezení sv. Kříže 1945.jpg
[2012.06.03 18:01:47 | 000,083,980 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\Starý Chebský most a vzhled původního Horního nádraží.jpg
[2012.06.01 19:28:00 | 018,613,688 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\01.06.2012 Zdenda & peso.mp4
[2012.05.29 17:21:29 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\YTD YouTube Downloader & Converter.lnk
[2012.05.29 16:36:07 | 000,209,254 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\vypustena skalka 3 .jpg
[2012.05.29 16:35:55 | 000,202,860 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\vypustena skalka 2 .jpg
[2012.05.29 16:35:35 | 000,236,680 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\vypustena skalka.jpg
[2012.05.27 20:44:44 | 000,092,639 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\autob.nadrazi cheb.jpg
[2012.05.27 11:09:35 | 000,045,587 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\541145_10150958660619603_723974602_12010251_795161882_n.jpg
[2012.05.24 16:16:48 | 000,002,492 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2010.12.28 01:51:47 | 000,641,021 | ---- | C] () -- C:\Windows\unins000.exe
[2010.12.28 01:51:47 | 000,187,904 | ---- | C] () -- C:\Windows\SysWow64\Lame.exe
[2010.12.28 01:51:47 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\Lame_enc.dll
[2010.12.28 01:51:47 | 000,001,685 | ---- | C] () -- C:\Windows\unins000.dat
[2010.12.27 22:03:22 | 000,000,289 | ---- | C] () -- C:\Users\LesakMyBox\AppData\Local\Tempmctemp3340eae2fdc87a7db17d.avs
[2010.12.27 21:49:42 | 000,356,352 | ---- | C] () -- C:\Users\LesakMyBox\AppData\Local\Tempmctemp2780eae2fdc87a7db17d.264
[2010.12.27 21:44:21 | 006,696,960 | ---- | C] () -- C:\Users\LesakMyBox\AppData\Local\Tempmctemp732eae2fdc87a7db17d.264
[2010.12.27 18:59:54 | 000,000,464 | ---- | C] () -- C:\Users\LesakMyBox\AppData\Roaming\AutoGK.ini
[2010.10.31 21:10:09 | 000,408,576 | ---- | C] () -- C:\Windows\SysWow64\Smab.dll
[2010.10.31 21:10:07 | 000,502,784 | ---- | C] () -- C:\Windows\x2.64.exe
[2010.10.31 21:10:07 | 000,240,128 | ---- | C] () -- C:\Windows\SysWow64\x.264.exe
[2010.10.31 21:10:07 | 000,217,073 | ---- | C] () -- C:\Windows\meta4.exe
[2010.10.31 21:10:07 | 000,066,560 | ---- | C] () -- C:\Windows\MOTA113.exe
[2010.10.31 21:10:07 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010.10.31 21:09:55 | 000,027,648 | -HS- | C] () -- C:\Windows\SysWow64\Smab0.dll
[2010.09.28 22:04:27 | 000,001,176 | ---- | C] () -- C:\Users\LesakMyBox\AppData\Local\SRDownloader.nast
[2010.09.28 21:40:07 | 000,081,867 | ---- | C] () -- C:\Users\LesakMyBox\AppData\Local\SRDownloader.err

========== LOP Check ==========

[2011.01.02 23:01:37 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\avidemux
[2011.01.01 23:24:49 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Broad Intelligence
[2012.01.20 18:19:19 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\DAEMON Tools Lite
[2011.01.18 23:22:03 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Desktopicon
[2010.12.25 16:40:36 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Free Audio Editor
[2011.06.28 16:38:49 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Nokia
[2010.12.27 20:35:33 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\OpenCandy
[2010.05.26 21:41:43 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\OpenOffice.org
[2011.06.28 16:38:50 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\PC Suite
[2010.10.15 20:22:31 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Tific
[2010.08.26 19:13:36 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Win7codecs
[2010.12.30 09:22:12 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Windows Live Writer
[2012.02.05 15:00:25 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Yandex
[2010.05.18 17:19:43 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\_MDLogs
[2010.12.10 16:34:23 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(20).TXT
[2010.08.27 15:51:47 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(26).TXT
[2010.08.27 15:51:47 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(27).TXT
[2011.11.09 20:49:42 | 000,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2010.10.17 18:18:51 | 000,000,000 | ---D | M](C:\Users\LesakMyBox\AppData\Roaming\???????sAppData) -- C:\Users\LesakMyBox\AppData\Roaming\敎潲䍄敔灭慬整sAppData
[2010.10.17 18:18:51 | 000,000,000 | ---D | M](C:\Users\LesakMyBox\AppData\Roaming\???????sAppData) -- C:\Users\LesakMyBox\AppData\Roaming\敎潲䍄敔灭慬整sAppData
[2010.10.17 17:37:13 | 000,000,000 | ---D | C](C:\Users\LesakMyBox\AppData\Roaming\???????sAppData) -- C:\Users\LesakMyBox\AppData\Roaming\敎潲䍄敔灭慬整sAppData
(C:\Users\LesakMyBox\AppData\Roaming\???????sAppData) -- C:\Users\LesakMyBox\AppData\Roaming\敎潲䍄敔灭慬整sAppData

========== Alternate Data Streams ==========

@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:C1F4198F

< End of report >


výpis Extras.txt mě nevyskočil

Log ale neni cely. Zkopiroval jste tam ten text?

Ano zkopíroval ...ještě to jednou vyzkouším

OK, vyzkousejte. Kdyz to nepujde, tak to zkuste v nouzovem rezimu. Chybi tam spousta veci, ktere potrebuji videt.

vyhodilo mi to pouze toto ale žádný druhý sken

OTL logfile created on: 16.6.2012 17:22:24 - Run 3
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\LesakMyBox\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,91 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 57,19% Memory free
7,81 Gb Paging File | 6,12 Gb Available in Paging File | 78,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,69 Gb Total Space | 229,25 Gb Free Space | 50,64% Space Free | Partition Type: NTFS
Drive D: | 12,88 Gb Total Space | 2,15 Gb Free Space | 16,67% Space Free | Partition Type: NTFS

Computer Name: NOTEBOOKHP | User Name: LesakMyBox | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.06.16 13:10:20 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\LesakMyBox\Desktop\OTL.exe
PRC - [2012.06.15 18:09:55 | 001,535,176 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
PRC - [2012.05.03 20:58:00 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.03.28 01:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccsvchst.exe
PRC - [2011.03.28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2009.09.04 14:35:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe


========== Modules (No Company Name) ==========

MOD - [2012.06.15 18:09:55 | 009,459,912 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
MOD - [2012.05.03 20:58:00 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009.08.20 13:35:48 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2009.08.20 13:35:46 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2009.08.20 13:35:46 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.03.23 15:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009.09.04 14:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.03.02 19:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
SRV - [2012.05.03 20:58:00 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.28 01:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe -- (NIS)
SRV - [2011.06.21 15:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011.03.28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010.12.08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.03.23 15:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe -- (STacSV)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.06 02:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009.03.02 19:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.03.29 08:28:38 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1307010.005\symnets.sys -- (SymNetS)
DRV:64bit: - [2012.03.29 08:28:30 | 001,092,728 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1307010.005\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012.03.29 08:06:25 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1307010.005\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012.03.29 08:03:27 | 000,737,912 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1307010.005\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012.03.29 08:03:27 | 000,037,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1307010.005\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2012.03.27 20:02:51 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.22 20:01:15 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.11.30 00:44:29 | 000,167,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1307010.005\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2011.08.16 00:51:40 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1307010.005\symds64.sys -- (SymDS)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.02 12:14:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2010.12.02 12:14:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.12.02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.09.23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.07.30 14:18:00 | 000,026,624 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010.05.27 23:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.03.23 15:53:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009.10.10 04:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.09.21 20:47:14 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.09.17 22:56:24 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.09.17 22:56:16 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.09.17 22:56:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.09.17 22:56:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.09.02 19:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.08.27 18:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009.07.10 16:45:12 | 000,139,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.29 09:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009.03.02 00:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2012.06.15 17:35:42 | 002,068,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20120614.032\ex64.sys -- (NAVEX15)
DRV - [2012.06.15 17:35:42 | 000,120,440 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20120614.032\eng64.sys -- (NAVENG)
DRV - [2012.06.13 19:06:38 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20120613.007\IDSviA64.sys -- (IDSVia64)
DRV - [2012.06.01 07:16:58 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012.05.31 18:13:12 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012.04.03 01:38:04 | 001,160,824 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20120531.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009.09.02 19:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [1999.09.10 13:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\ASPI32.SYS -- (ASPI32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {95CD0354-CA17-4DE6-9698-77B9BDADED5B}
IE:64bit: - HKLM\..\SearchScopes\{95CD0354-CA17-4DE6-9698-77B9BDADED5B}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {95CD0354-CA17-4DE6-9698-77B9BDADED5B}
IE - HKLM\..\SearchScopes\{95CD0354-CA17-4DE6-9698-77B9BDADED5B}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=6826
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes,DefaultScope = {9535AF12-1192-44A8-A8BA-E0F414F5B3D2}
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}: "URL" = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}: "URL" = http://www.mapy.cz/?query={searchTerms} ... earch_6826
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcso ... earch_6826
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes\{9535AF12-1192-44A8-A8BA-E0F414F5B3D2}: "URL" = http://us.yhs4.search.yahoo.com/yhs/sea ... earchTerms}
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes\{95CD0354-CA17-4DE6-9698-77B9BDADED5B}: "URL" = http://search.seznam.cz/?q={searchTerms ... earch_6826
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes\{DA787B7A-141D-4D43-BD61-EAC6087B3563}: "URL" = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes\{E41F9848-5534-47C6-82EE-DBB2DDFF13B0}: "URL" = http://websearch.ask.com/redirect?clien ... 054412A1DB
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ [2012.03.17 19:49:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ [2012.06.16 12:59:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.03 20:58:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.09 19:42:28 | 000,000,000 | ---D | M]

[2010.12.27 22:01:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Extensions
[2010.12.27 20:46:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Extensions\Coder Preset
[2010.12.27 21:09:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Extensions\MediaCoder
[2010.12.27 22:01:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Extensions\MediaCoder-Setup-Wizard
[2012.06.16 09:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions
[2010.09.17 17:53:14 | 000,000,000 | ---D | M] (České slovníky pro kontrolu pravopisu) -- C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\cs@dictionaries.addons.mozilla.org
[2012.05.15 18:54:04 | 000,000,000 | ---D | M] (Yandex.Bar) -- C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\yasearch@yandex.ru
[2012.06.15 18:21:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.08.26 19:11:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012.05.09 19:42:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
[2012.06.15 18:21:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.05.03 20:58:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.11 20:09:12 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.01.11 20:09:12 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.09.21 19:12:21 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2012.01.11 20:09:12 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.01.11 20:09:12 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.01.11 20:09:12 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: YouTube = C:\Users\LesakMyBox\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\LesakMyBox\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Gmail = C:\Users\LesakMyBox\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2012.06.16 09:42:07 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-43112493-3568498617-3430726471-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-43112493-3568498617-3430726471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B5DB1D6-945A-4D98-B4BD-FCC5CC0215E2}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8c66e94e-2c6f-11e1-9e34-0027139b2c66}\Shell - "" = AutoRun
O33 - MountPoints2\{8c66e94e-2c6f-11e1-9e34-0027139b2c66}\Shell\AutoRun\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{8c66e94e-2c6f-11e1-9e34-0027139b2c66}\Shell\configure\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{8c66e94e-2c6f-11e1-9e34-0027139b2c66}\Shell\install\command - "" = G:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\SysWow64\ff_acm.acm ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\DivXa32.acm (Packed With Joy !)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.divx - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.i420 - C:\Windows\SysWow64\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.xvid - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.06.16 13:04:29 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\LesakMyBox\Desktop\OTL.exe
[2012.06.16 09:41:31 | 000,000,000 | ---D | C] -- C:\_OTM
[2012.06.16 09:39:10 | 000,523,264 | ---- | C] (OldTimer Tools) -- C:\Users\LesakMyBox\Desktop\OTM.exe
[2012.06.15 18:22:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012.06.15 18:21:56 | 000,157,448 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.06.15 18:21:56 | 000,149,256 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.06.15 18:21:56 | 000,149,256 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.06.15 18:10:24 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\AppData\Local\Macromedia
[2012.06.14 14:52:01 | 000,851,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.06.14 14:52:00 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.06.14 14:51:46 | 000,736,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.06.14 14:51:45 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.06.14 14:51:44 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.06.14 14:51:43 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.06.14 14:51:43 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.06.14 14:51:43 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.06.14 14:51:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.06.14 14:51:43 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.06.14 14:51:43 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.06.14 14:51:42 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.06.14 14:51:42 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.06.14 14:51:42 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.06.14 14:51:42 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.06.14 14:51:42 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.06.14 14:51:42 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.06.14 14:51:38 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.06.14 14:51:38 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.06.14 14:51:38 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.06.14 14:51:29 | 005,505,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.06.14 14:51:28 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.06.14 14:51:27 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.06.14 14:50:58 | 001,460,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.06.14 14:50:58 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.06.14 14:50:48 | 003,213,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.06.13 18:04:43 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\Desktop\2012-06-13 Osvedceni zakonik prace
[2012.06.13 18:02:45 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\Desktop\2012-06-13 Certifikat obsluha PC
[2012.06.08 19:16:30 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\Desktop\5555
[2012.06.06 12:59:06 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\Desktop\201206
[2012.06.03 19:32:47 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\AppData\Local\{D91BBC5F-1918-4E58-B9B5-E4177CDEC0F0}
[2012.06.03 11:53:04 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\Desktop\slozka dddd
[2012.05.29 17:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2012.05.29 17:22:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YouTube Downloader Toolbar
[2012.05.29 17:21:38 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD YouTube Downloader & Converter
[2012.05.29 17:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD YouTube Downloader & Converter
[2012.05.26 09:23:07 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
[2012.05.21 17:35:57 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\AppData\Local\{33BBC9C6-0D26-4870-8E43-F9B8863963F9}
[2012.05.18 17:51:41 | 000,000,000 | ---D | C] -- C:\Users\LesakMyBox\Desktop\Pinnacle Studio 14
[1 C:\Users\LesakMyBox\*.tmp files -> C:\Users\LesakMyBox\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.06.16 17:25:01 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.06.16 17:16:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.16 13:10:20 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\LesakMyBox\Desktop\OTL.exe
[2012.06.16 13:05:48 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.16 13:05:48 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.16 13:03:29 | 001,470,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.16 13:03:29 | 000,631,526 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.06.16 13:03:29 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.16 13:03:29 | 000,122,148 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.06.16 13:03:29 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.16 12:58:25 | 3144,880,128 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.16 09:42:07 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012.06.16 09:39:12 | 000,523,264 | ---- | M] (OldTimer Tools) -- C:\Users\LesakMyBox\Desktop\OTM.exe
[2012.06.15 20:40:39 | 000,132,801 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\kuchyn stul.jpg
[2012.06.15 20:18:02 | 000,043,744 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\malba fialova.jpg
[2012.06.15 18:09:55 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.06.15 18:09:55 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.06.15 18:08:36 | 000,460,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.14 14:50:39 | 002,165,481 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1307010.005\Cat.DB
[2012.06.13 18:24:39 | 001,014,070 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\Certifikat3.jpg
[2012.06.13 18:04:06 | 000,182,907 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\Osvedceni zakonik prace 001.jpg
[2012.06.13 18:02:02 | 000,257,079 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\Certifikat obsluha PC 001.jpg
[2012.06.08 19:57:24 | 000,811,306 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\08.06.2012 Bonětice.jpg
[2012.06.08 15:10:50 | 000,572,982 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\08.06.2012.jpg
[2012.06.06 20:08:53 | 000,065,033 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\kuchyn pecka 3.jpg
[2012.06.06 20:08:02 | 000,085,607 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\kuchyn pecka 2.jpg
[2012.06.04 20:33:15 | 000,066,714 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\uz nikdy nepujdu ven.jpg
[2012.06.03 21:35:10 | 000,288,309 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\Skalka-Ohre2.jpg
[2012.06.03 21:34:13 | 000,267,874 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\Skalka-Ohre3.jpg
[2012.06.03 21:03:03 | 000,067,932 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\FChebAkc_05.jpg
[2012.06.03 21:02:53 | 000,075,059 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\PChebAkc_03.jpg
[2012.06.03 21:02:19 | 000,044,715 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\FChebAkc_02.jpg
[2012.06.03 21:02:04 | 000,054,428 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\FChebAkc_01.jpg
[2012.06.03 21:01:36 | 000,041,913 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\chheb pivovar.jpg
[2012.06.03 20:24:29 | 000,088,592 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1302839166_00001000300020001000200010001000500010079.jpg
[2012.06.03 20:24:09 | 000,089,049 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1302839166_00001000300020001000200010001000500010076.jpg
[2012.06.03 20:23:42 | 000,087,240 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1302839164_00001000300020001000200010001000500010067.jpg
[2012.06.03 20:23:24 | 000,131,267 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1302839163_00001000300020001000200010001000500010065.jpg
[2012.06.03 20:22:39 | 000,065,994 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\nadrazi.jpg
[2012.06.03 20:21:12 | 000,108,956 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\chheb skalka.jpg
[2012.06.03 20:20:42 | 000,111,232 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\cheb lenin.jpg
[2012.06.03 20:16:37 | 000,067,242 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\muj panelak.jpg
[2012.06.03 20:15:12 | 000,058,715 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1264426825_img_0098.jpg
[2012.06.03 20:14:08 | 000,064,817 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1264426823_img_0089.jpg
[2012.06.03 20:12:04 | 000,103,618 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\jesenicka prehrada cheb.jpg
[2012.06.03 20:10:32 | 000,092,791 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1264426630_img_0063.jpg
[2012.06.03 20:09:40 | 000,100,474 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\bazen.jpg
[2012.06.03 20:07:58 | 000,103,451 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\panelak muj cheb.jpg
[2012.06.03 20:06:44 | 000,121,763 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\nadrazi 3.jpg
[2012.06.03 20:05:27 | 000,109,608 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1264426626_img_0046.jpg
[2012.06.03 20:04:18 | 000,095,438 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1264426372_img_0039.jpg
[2012.06.03 20:02:43 | 000,092,075 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\cheb posta.jpg
[2012.06.03 20:02:03 | 000,091,680 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\pohlednice cheb 2.jpg
[2012.06.03 20:01:34 | 000,089,357 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\pohlednice cheb.jpg
[2012.06.03 20:00:52 | 000,095,472 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\cheb zima.jpg
[2012.06.03 19:58:18 | 000,076,175 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\cheb divadlo.jpg
[2012.06.03 19:57:53 | 000,045,437 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\1302838490_00001000300020001000200010001000500010001.jpg
[2012.06.03 19:57:23 | 000,052,740 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\cheb skalka.jpg
[2012.06.03 19:56:51 | 000,067,705 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\hotel hradni dvur cheb.jpg
[2012.06.03 19:36:26 | 000,051,830 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\zchátralý klášterní kostel Nalezení sv. Kříže - duben 2012.jpg
[2012.06.03 19:36:11 | 000,023,597 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\věž klášterního kostela Nalezení sv. Kříže v době kolem roku 1965.jpg
[2012.06.03 19:35:45 | 000,032,347 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\interiér klášterního kostela Nalezení sv. Kříže před rokem 1945.jpg
[2012.06.03 19:35:03 | 000,028,104 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\klášterní kostel Nalezení sv. Kříže 1945.jpg
[2012.06.03 18:01:48 | 000,083,980 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\Starý Chebský most a vzhled původního Horního nádraží.jpg
[2012.06.01 19:29:06 | 018,613,688 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\01.06.2012 Zdenda & peso.mp4
[2012.05.29 21:09:01 | 000,025,088 | ---- | M] () -- C:\Users\LesakMyBox\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.29 17:21:30 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\YTD YouTube Downloader & Converter.lnk
[2012.05.29 16:36:08 | 000,209,254 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\vypustena skalka 3 .jpg
[2012.05.29 16:35:56 | 000,202,860 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\vypustena skalka 2 .jpg
[2012.05.29 16:35:36 | 000,236,680 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\vypustena skalka.jpg
[2012.05.27 20:44:45 | 000,092,639 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\autob.nadrazi cheb.jpg
[2012.05.27 11:09:38 | 000,045,587 | ---- | M] () -- C:\Users\LesakMyBox\Desktop\541145_10150958660619603_723974602_12010251_795161882_n.jpg
[2012.05.24 16:16:48 | 000,002,492 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012.05.24 16:15:54 | 000,008,942 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1307010.005\VT20120410.034
[1 C:\Users\LesakMyBox\*.tmp files -> C:\Users\LesakMyBox\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.06.16 13:15:47 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.06.15 20:40:38 | 000,132,801 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\kuchyn stul.jpg
[2012.06.15 20:18:00 | 000,043,744 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\malba fialova.jpg
[2012.06.13 18:24:39 | 001,014,070 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\Certifikat3.jpg
[2012.06.13 18:04:06 | 000,182,907 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\Osvedceni zakonik prace 001.jpg
[2012.06.13 18:02:02 | 000,257,079 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\Certifikat obsluha PC 001.jpg
[2012.06.08 19:57:18 | 000,811,306 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\08.06.2012 Bonětice.jpg
[2012.06.08 15:10:46 | 000,572,982 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\08.06.2012.jpg
[2012.06.06 20:08:53 | 000,065,033 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\kuchyn pecka 3.jpg
[2012.06.06 20:08:01 | 000,085,607 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\kuchyn pecka 2.jpg
[2012.06.04 20:33:13 | 000,066,714 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\uz nikdy nepujdu ven.jpg
[2012.06.03 21:35:10 | 000,288,309 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\Skalka-Ohre2.jpg
[2012.06.03 21:34:13 | 000,267,874 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\Skalka-Ohre3.jpg
[2012.06.03 21:03:03 | 000,067,932 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\FChebAkc_05.jpg
[2012.06.03 21:02:53 | 000,075,059 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\PChebAkc_03.jpg
[2012.06.03 21:02:18 | 000,044,715 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\FChebAkc_02.jpg
[2012.06.03 21:02:03 | 000,054,428 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\FChebAkc_01.jpg
[2012.06.03 21:01:36 | 000,041,913 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\chheb pivovar.jpg
[2012.06.03 20:24:29 | 000,088,592 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1302839166_00001000300020001000200010001000500010079.jpg
[2012.06.03 20:24:08 | 000,089,049 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1302839166_00001000300020001000200010001000500010076.jpg
[2012.06.03 20:23:42 | 000,087,240 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1302839164_00001000300020001000200010001000500010067.jpg
[2012.06.03 20:23:24 | 000,131,267 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1302839163_00001000300020001000200010001000500010065.jpg
[2012.06.03 20:22:39 | 000,065,994 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\nadrazi.jpg
[2012.06.03 20:21:11 | 000,108,956 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\chheb skalka.jpg
[2012.06.03 20:20:42 | 000,111,232 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\cheb lenin.jpg
[2012.06.03 20:16:37 | 000,067,242 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\muj panelak.jpg
[2012.06.03 20:15:12 | 000,058,715 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1264426825_img_0098.jpg
[2012.06.03 20:14:07 | 000,064,817 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1264426823_img_0089.jpg
[2012.06.03 20:12:03 | 000,103,618 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\jesenicka prehrada cheb.jpg
[2012.06.03 20:10:32 | 000,092,791 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1264426630_img_0063.jpg
[2012.06.03 20:09:39 | 000,100,474 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\bazen.jpg
[2012.06.03 20:07:57 | 000,103,451 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\panelak muj cheb.jpg
[2012.06.03 20:06:44 | 000,121,763 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\nadrazi 3.jpg
[2012.06.03 20:05:26 | 000,109,608 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1264426626_img_0046.jpg
[2012.06.03 20:04:17 | 000,095,438 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1264426372_img_0039.jpg
[2012.06.03 20:02:43 | 000,092,075 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\cheb posta.jpg
[2012.06.03 20:02:03 | 000,091,680 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\pohlednice cheb 2.jpg
[2012.06.03 20:01:33 | 000,089,357 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\pohlednice cheb.jpg
[2012.06.03 20:00:52 | 000,095,472 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\cheb zima.jpg
[2012.06.03 19:58:18 | 000,076,175 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\cheb divadlo.jpg
[2012.06.03 19:57:53 | 000,045,437 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\1302838490_00001000300020001000200010001000500010001.jpg
[2012.06.03 19:57:22 | 000,052,740 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\cheb skalka.jpg
[2012.06.03 19:56:50 | 000,067,705 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\hotel hradni dvur cheb.jpg
[2012.06.03 19:36:25 | 000,051,830 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\zchátralý klášterní kostel Nalezení sv. Kříže - duben 2012.jpg
[2012.06.03 19:36:10 | 000,023,597 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\věž klášterního kostela Nalezení sv. Kříže v době kolem roku 1965.jpg
[2012.06.03 19:35:44 | 000,032,347 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\interiér klášterního kostela Nalezení sv. Kříže před rokem 1945.jpg
[2012.06.03 19:35:03 | 000,028,104 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\klášterní kostel Nalezení sv. Kříže 1945.jpg
[2012.06.03 18:01:47 | 000,083,980 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\Starý Chebský most a vzhled původního Horního nádraží.jpg
[2012.06.01 19:28:00 | 018,613,688 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\01.06.2012 Zdenda & peso.mp4
[2012.05.29 17:21:29 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\YTD YouTube Downloader & Converter.lnk
[2012.05.29 16:36:07 | 000,209,254 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\vypustena skalka 3 .jpg
[2012.05.29 16:35:55 | 000,202,860 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\vypustena skalka 2 .jpg
[2012.05.29 16:35:35 | 000,236,680 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\vypustena skalka.jpg
[2012.05.27 20:44:44 | 000,092,639 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\autob.nadrazi cheb.jpg
[2012.05.27 11:09:35 | 000,045,587 | ---- | C] () -- C:\Users\LesakMyBox\Desktop\541145_10150958660619603_723974602_12010251_795161882_n.jpg
[2012.05.24 16:16:48 | 000,002,492 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2010.12.28 01:51:47 | 000,641,021 | ---- | C] () -- C:\Windows\unins000.exe
[2010.12.28 01:51:47 | 000,187,904 | ---- | C] () -- C:\Windows\SysWow64\Lame.exe
[2010.12.28 01:51:47 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\Lame_enc.dll
[2010.12.28 01:51:47 | 000,001,685 | ---- | C] () -- C:\Windows\unins000.dat
[2010.12.27 22:03:22 | 000,000,289 | ---- | C] () -- C:\Users\LesakMyBox\AppData\Local\Tempmctemp3340eae2fdc87a7db17d.avs
[2010.12.27 21:49:42 | 000,356,352 | ---- | C] () -- C:\Users\LesakMyBox\AppData\Local\Tempmctemp2780eae2fdc87a7db17d.264
[2010.12.27 21:44:21 | 006,696,960 | ---- | C] () -- C:\Users\LesakMyBox\AppData\Local\Tempmctemp732eae2fdc87a7db17d.264
[2010.12.27 18:59:54 | 000,000,464 | ---- | C] () -- C:\Users\LesakMyBox\AppData\Roaming\AutoGK.ini
[2010.10.31 21:10:09 | 000,408,576 | ---- | C] () -- C:\Windows\SysWow64\Smab.dll
[2010.10.31 21:10:07 | 000,502,784 | ---- | C] () -- C:\Windows\x2.64.exe
[2010.10.31 21:10:07 | 000,240,128 | ---- | C] () -- C:\Windows\SysWow64\x.264.exe
[2010.10.31 21:10:07 | 000,217,073 | ---- | C] () -- C:\Windows\meta4.exe
[2010.10.31 21:10:07 | 000,066,560 | ---- | C] () -- C:\Windows\MOTA113.exe
[2010.10.31 21:10:07 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010.10.31 21:09:55 | 000,027,648 | -HS- | C] () -- C:\Windows\SysWow64\Smab0.dll
[2010.09.28 22:04:27 | 000,001,176 | ---- | C] () -- C:\Users\LesakMyBox\AppData\Local\SRDownloader.nast
[2010.09.28 21:40:07 | 000,081,867 | ---- | C] () -- C:\Users\LesakMyBox\AppData\Local\SRDownloader.err

========== LOP Check ==========

[2011.01.02 23:01:37 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\avidemux
[2011.01.01 23:24:49 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Broad Intelligence
[2012.01.20 18:19:19 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\DAEMON Tools Lite
[2011.01.18 23:22:03 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Desktopicon
[2010.12.25 16:40:36 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Free Audio Editor
[2011.06.28 16:38:49 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Nokia
[2010.12.27 20:35:33 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\OpenCandy
[2010.05.26 21:41:43 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\OpenOffice.org
[2011.06.28 16:38:50 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\PC Suite
[2010.10.15 20:22:31 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Tific
[2010.08.26 19:13:36 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Win7codecs
[2010.12.30 09:22:12 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Windows Live Writer
[2012.02.05 15:00:25 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Yandex
[2010.05.18 17:19:43 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\_MDLogs
[2010.12.10 16:34:23 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(20).TXT
[2010.08.27 15:51:47 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(26).TXT
[2010.08.27 15:51:47 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(27).TXT
[2011.11.09 20:49:42 | 000,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2012.04.24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012.04.24 07:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012.04.24 06:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.04.24 06:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2012.04.24 07:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012.04.24 07:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2012.04.24 07:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\SysNative\cryptsvc.dll
[2012.04.24 07:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2012.04.24 06:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2007.05.17 22:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2009.11.05 11:22:57 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2009.11.05 11:22:57 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.11.05 11:22:57 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2009.11.05 11:22:57 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTORV.SYS >
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 08:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2011.06.21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[16 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\9f1a5f9195e441d8246d35b540275b01\*.tmp files -> C:\Windows\SoftwareDistribution\Download\9f1a5f9195e441d8246d35b540275b01\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.05.19 17:57:13 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Adobe
[2010.06.19 21:40:03 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Ahead
[2011.01.02 23:01:37 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\avidemux
[2011.01.01 23:24:49 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Broad Intelligence
[2010.05.18 23:56:11 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\CyberLink
[2012.01.20 18:19:19 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\DAEMON Tools Lite
[2011.01.18 23:22:03 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Desktopicon
[2010.05.20 21:26:23 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\DivX
[2012.03.07 18:25:18 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\dvdcss
[2010.12.25 16:40:36 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Free Audio Editor
[2011.08.06 11:26:35 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Hewlett-Packard
[2011.07.21 19:23:31 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\HP Support Assistant
[2011.07.28 18:24:01 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\hpqlog
[2011.07.21 19:23:31 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\HpUpdate
[2010.05.18 16:31:35 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Identities
[2010.05.18 23:29:44 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Macromedia
[2010.05.20 20:27:19 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Malwarebytes
[2009.11.05 11:20:37 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Media Center Programs
[2012.06.15 18:10:24 | 000,000,000 | --SD | M] -- C:\Users\LesakMyBox\AppData\Roaming\Microsoft
[2010.05.18 16:49:31 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Mozilla
[2011.06.28 16:38:49 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Nokia
[2010.12.27 20:35:33 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\OpenCandy
[2010.05.26 21:41:43 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\OpenOffice.org
[2011.06.28 16:38:50 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\PC Suite
[2010.12.25 22:04:39 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Real
[2012.06.11 19:32:37 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Skype
[2012.06.15 17:25:02 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\skypePM
[2010.10.15 20:22:31 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Tific
[2012.05.06 18:46:48 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\vlc
[2010.08.26 19:13:36 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Win7codecs
[2010.12.30 09:22:12 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Windows Live Writer
[2010.05.21 00:08:56 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\WinRAR
[2012.02.05 15:00:25 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\Yandex
[2010.05.18 17:19:43 | 000,000,000 | ---D | M] -- C:\Users\LesakMyBox\AppData\Roaming\_MDLogs

< %APPDATA%\*.exe /s >
[2011.06.26 07:32:35 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\LesakMyBox\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2010.12.27 20:35:34 | 000,349,296 | ---- | M] () -- C:\Users\LesakMyBox\AppData\Roaming\OpenCandy\OpenCandy_021F196072984D0CB646CDAA9A224198\DLMgr_3_1.6.87.exe
[2010.12.18 00:07:06 | 000,043,440 | ---- | M] () -- C:\Users\LesakMyBox\AppData\Roaming\OpenCandy\OpenCandy_021F196072984D0CB646CDAA9A224198\SpeedstarterCZ.exe
[2010.12.17 19:48:22 | 001,720,472 | ---- | M] (Speedchecker Limited ) -- C:\Users\LesakMyBox\AppData\Roaming\OpenCandy\OpenCandy_021F196072984D0CB646CDAA9A224198\ZrychleniPocitace.exe
[2010.12.27 20:35:39 | 001,842,096 | ---- | M] () -- C:\Users\LesakMyBox\AppData\Roaming\OpenCandy\OpenCandy_021F196072984D0CB646CDAA9A224198\ZrychleniPocitace_p2v1.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.06.15 17:36:59 | 000,000,052 | ---- | M] () -- C:\Windows\system32\DOErrors.log
[2012.06.15 18:09:55 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2012.06.15 18:09:55 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2012.06.15 18:21:41 | 000,004,357 | ---- | M] () -- C:\Windows\system32\jupdate-1.6.0_33-b03.log

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"LightScribe Control Panel" = C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden -- [2009.08.20 14:25:58 | 002,363,392 | ---- | M] (Hewlett-Packard Company)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.11.10 11:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.06.16 17:25:01 | 000,000,512 | ---- | M] () MD5=31F9BA1CF06A5CDF6867B1D412346959 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2007.10.23 20:31:56 | 000,048,216 | ---- | M] () -- \Users\LesakMyBox\Documents\Dokumenty Office\Elektronika doma\Nokia Telefón\Program odeslani SMS po vlozeni cizi karty\SIMka\Icnvrge.Mobile.Anti.Theft.v1.00.S60v3.SymbianOS9.1.Unsigned.Cracked-BiNPDA.sis
[2007.10.23 20:31:56 | 000,048,216 | ---- | M] () -- \Users\LesakMyBox\Documents\Návody na programy + rady pc\Program odeslani SMS po vlozeni cizi karty\SIMka\Icnvrge.Mobile.Anti.Theft.v1.00.S60v3.SymbianOS9.1.Unsigned.Cracked-BiNPDA.sis

< *keygen* /s >
[2007.01.27 11:27:00 | 000,071,680 | ---- | M] () -- \Users\LesakMyBox\Documents\Návody na programy + rady pc\Nero-7.10.1.0\Keygen.exe
[2004.11.10 06:36:14 | 000,238,592 | ---- | M] () -- \Users\LesakMyBox\Documents\Návody na programy + rady pc\Powerdvd 6.0.0.1102 Multilanguage CZ(zub)\crack\PowerDVD6-Keygen.exe

< *loader* /s >
[2007.06.27 19:03:00 | 000,177,448 | ---- | M] () -- \Program Files (x86)\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2010.10.07 05:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2009.09.11 20:19:22 | 000,058,664 | ---- | M] () -- \Program Files (x86)\CyberLink\DVD Suite\koan\pyloader.dll
[2009.09.25 20:41:46 | 000,056,416 | ---- | M] () -- \Program Files (x86)\CyberLink\MediaShow\Koan\pyloader.dll
[2009.09.25 20:41:56 | 002,184,488 | ---- | M] () -- \Program Files (x86)\CyberLink\MediaShow\subsys\CES\CES_3DLoaderFBX.dll
[2009.09.25 20:42:00 | 000,020,632 | ---- | M] () -- \Program Files (x86)\CyberLink\MediaShow\subsys\DataCenter\ImageLoader.kc
[2009.07.06 21:20:32 | 002,184,488 | ---- | M] () -- \Program Files (x86)\CyberLink\Shared files\Plugin\5.0\CES_3DLoaderFBX.dll
[2009.10.01 23:14:52 | 000,056,416 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\Koan\pyloader.dll
[2009.10.01 23:13:06 | 000,012,794 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\Uploader\PyUploader.kc
[2009.10.01 23:13:06 | 000,162,912 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\Uploader\_PyUploader.pyd
[2009.10.01 23:13:08 | 002,475,304 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\YouCam\CES_3DLoaderFBX.dll
[2009.10.07 11:42:28 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe
[2009.10.07 11:30:48 | 000,005,974 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe.config
[2009.06.26 18:13:48 | 000,674,544 | ---- | M] () -- \Program Files (x86)\HP Games\HP Game Console\WTDownloader.exe
[2012.01.31 16:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.361.0\apps\facebook\7.1.361\js\downloader.js
[2012.01.31 16:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.361.0\apps\facebooklike\7.1.361\js\downloader.js
[2012.01.31 16:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.361.0\apps\fbsharedservices\7.1.361\js\downloader.js
[2012.01.31 16:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.361.0\apps\featured\7.1.361\js\downloader.js
[2012.01.31 16:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.361.0\apps\games\7.1.361\js\shared\downloader.js
[2012.01.31 16:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.361.0\apps\chat\7.1.361\js\downloader.js
[2012.01.31 16:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.361.0\scripts\io\downloader.js
[2009.09.14 13:05:20 | 000,227,705 | ---- | M] () -- \Program Files (x86)\muvee Technologies\muvee Reveal - SE\reveal_quicktour\deploy_ready\loader_pc_mprojector.exe
[2009.09.14 13:05:20 | 000,000,508 | ---- | M] () -- \Program Files (x86)\muvee Technologies\muvee Reveal - SE\reveal_quicktour\deploy_ready\loader_pc_mprojector.exe.manifest
[2009.09.14 13:05:20 | 000,007,124 | ---- | M] () -- \Program Files (x86)\muvee Technologies\muvee Reveal - SE\reveal_quicktour\deploy_ready\loader_pc_mprojector.swf
[2009.09.14 13:05:20 | 000,007,977 | ---- | M] () -- \Program Files (x86)\muvee Technologies\muvee Reveal - SE\reveal_quicktour\deploy_ready\loader_pc_web.swf
[2009.09.14 13:05:20 | 000,008,154 | ---- | M] () -- \Program Files (x86)\muvee Technologies\muvee Reveal - SE\reveal_quicktour\deploy_ready\loader_pc_web2.swf
[2010.12.09 13:10:30 | 000,003,072 | ---- | M] () -- \Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2012.05.25 15:21:42 | 001,125,256 | ---- | M] () -- \Program Files (x86)\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll
[2010.10.07 05:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2009.11.28 12:58:26 | 000,007,697 | ---- | M] () -- \Program Files\Java\jdk1.6.0_15\demo\jvmti\hprof\src\hprof_loader.c
[2009.11.28 12:58:26 | 000,002,173 | ---- | M] () -- \Program Files\Java\jdk1.6.0_15\demo\jvmti\hprof\src\hprof_loader.h
[2009.11.28 12:58:24 | 000,000,455 | ---- | M] () -- \Program Files\Java\jdk1.6.0_15\lib\visualvm\platform9\config\Modules\org-openide-loaders.xml
[2009.11.28 12:58:24 | 001,063,930 | ---- | M] () -- \Program Files\Java\jdk1.6.0_15\lib\visualvm\platform9\modules\org-openide-loaders.jar
[2009.11.28 12:58:24 | 000,000,373 | ---- | M] () -- \Program Files\Java\jdk1.6.0_15\lib\visualvm\platform9\update_tracking\org-openide-loaders.xml
[2010.03.15 11:27:20 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.05.29 17:21:30 | 000,000,072 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YTD YouTube Downloader & Converter\YTD YouTube Downloader & Converter Help.url
[2012.05.29 17:21:30 | 000,001,952 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YTD YouTube Downloader & Converter\YTD YouTube Downloader & Converter.lnk
[2009.06.26 18:14:40 | 000,000,747 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\css\online_loader.css
[2009.06.26 18:14:46 | 000,000,640 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\img\mini_loader_off.gif
[2009.06.26 18:14:46 | 000,002,068 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\img\mini_loader_on.gif
[2009.06.26 18:14:46 | 000,012,527 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\img\windowed_loader_75.gif
[2009.06.26 18:14:48 | 000,003,194 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\js\online_loader.js
[2009.06.26 18:18:14 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\de\Online_Loader.html
[2009.06.26 18:15:10 | 000,003,083 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\de\img\going_online_loader.gif
[2009.06.26 18:15:10 | 000,003,241 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\de\img\onlineloader_retry.gif
[2009.06.26 18:15:08 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\de\swf\loader_web.swf
[2009.06.26 18:18:42 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en\Online_Loader.html
[2009.06.26 18:14:58 | 000,003,065 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en\img\going_online_loader.gif
[2009.06.26 18:14:58 | 000,003,097 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en\img\onlineloader_retry.gif
[2009.06.26 18:14:56 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en\swf\loader_web.swf
[2009.06.26 18:17:40 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\Online_Loader.html
[2009.06.26 18:15:04 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\swf\loader_web.swf
[2009.06.26 18:15:04 | 000,003,065 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\img\going_online_loader.gif
[2009.06.26 18:15:04 | 000,003,097 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\img\onlineloader_retry.gif
[2009.06.26 18:19:12 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es\Online_Loader.html
[2009.06.26 18:15:06 | 000,003,199 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es\img\going_online_loader.gif
[2009.06.26 18:15:06 | 000,003,515 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es\img\onlineloader_retry.gif
[2009.06.26 18:15:06 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es\swf\loader_web.swf
[2009.06.26 18:19:40 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es-es\Online_Loader.html
[2009.06.26 18:15:12 | 000,003,031 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es-es\img\going_online_loader.gif
[2009.06.26 18:15:12 | 000,003,665 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es-es\img\onlineloader_retry.gif
[2009.06.26 18:15:10 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es-es\swf\loader_web.swf
[2009.06.26 18:20:10 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\fr\Online_Loader.html
[2009.06.26 18:15:08 | 000,003,143 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\fr\img\going_online_loader.gif
[2009.06.26 18:15:08 | 000,003,545 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\fr\img\onlineloader_retry.gif
[2009.06.26 18:15:08 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\fr\swf\loader_web.swf
[2009.06.26 18:20:38 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\it\Online_Loader.html
[2009.06.26 18:15:14 | 000,003,186 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\it\img\going_online_loader.gif
[2009.06.26 18:15:14 | 000,003,368 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\it\img\onlineloader_retry.gif
[2009.06.26 18:15:12 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\it\swf\loader_web.swf
[2009.06.26 18:21:08 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\Online_Loader.html
[2009.06.26 18:15:02 | 000,003,160 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\img\going_online_loader.gif
[2009.06.26 18:15:02 | 000,003,054 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\img\onlineloader_retry.gif
[2009.06.26 18:15:00 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\swf\loader_web.swf
[2009.06.26 18:21:36 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh\Online_Loader.html
[2009.06.26 18:14:56 | 000,003,111 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh\img\going_online_loader.gif
[2009.06.26 18:14:56 | 000,003,092 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh\img\onlineloader_retry.gif
[2009.06.26 18:14:56 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh\swf\loader_web.swf
[2009.06.26 18:22:04 | 000,000,659 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\Online_Loader.html
[2009.06.26 18:14:54 | 000,002,778 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\img\going_online_loader.gif
[2009.06.26 18:14:54 | 000,003,219 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\img\onlineloader_retry.gif
[2009.06.26 18:14:54 | 000,000,600 | ---- | M] () -- \ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\swf\loader_web.swf
[2009.07.06 21:20:32 | 002,184,488 | ---- | M] () -- \SwSetup\CyberDVD\Stage1\PDIR\ShareFiles\Share\Plugin\5.0\CES_3DLoaderFBX.dll
[2012.05.29 17:21:30 | 000,000,072 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YTD YouTube Downloader & Converter\YTD YouTube Downloader & Converter Help.url
[2012.05.29 17:21:30 | 000,001,952 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YTD YouTube Downloader & Converter\YTD YouTube Downloader & Converter.lnk
[2009.06.26 18:14:40 | 000,000,747 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\css\online_loader.css
[2009.06.26 18:14:46 | 000,000,640 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\img\mini_loader_off.gif
[2009.06.26 18:14:46 | 000,002,068 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\img\mini_loader_on.gif
[2009.06.26 18:14:46 | 000,012,527 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\img\windowed_loader_75.gif
[2009.06.26 18:14:48 | 000,003,194 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\js\online_loader.js
[2009.06.26 18:18:14 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\de\Online_Loader.html
[2009.06.26 18:15:10 | 000,003,083 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\de\img\going_online_loader.gif
[2009.06.26 18:15:10 | 000,003,241 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\de\img\onlineloader_retry.gif
[2009.06.26 18:15:08 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\de\swf\loader_web.swf
[2009.06.26 18:18:42 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en\Online_Loader.html
[2009.06.26 18:14:58 | 000,003,065 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en\img\going_online_loader.gif
[2009.06.26 18:14:58 | 000,003,097 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en\img\onlineloader_retry.gif
[2009.06.26 18:14:56 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en\swf\loader_web.swf
[2009.06.26 18:17:40 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\Online_Loader.html
[2009.06.26 18:15:04 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\swf\loader_web.swf
[2009.06.26 18:15:04 | 000,003,065 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\img\going_online_loader.gif
[2009.06.26 18:15:04 | 000,003,097 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\img\onlineloader_retry.gif
[2009.06.26 18:19:12 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es\Online_Loader.html
[2009.06.26 18:15:06 | 000,003,199 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es\img\going_online_loader.gif
[2009.06.26 18:15:06 | 000,003,515 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es\img\onlineloader_retry.gif
[2009.06.26 18:15:06 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es\swf\loader_web.swf
[2009.06.26 18:19:40 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es-es\Online_Loader.html
[2009.06.26 18:15:12 | 000,003,031 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es-es\img\going_online_loader.gif
[2009.06.26 18:15:12 | 000,003,665 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es-es\img\onlineloader_retry.gif
[2009.06.26 18:15:10 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es-es\swf\loader_web.swf
[2009.06.26 18:20:10 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\fr\Online_Loader.html
[2009.06.26 18:15:08 | 000,003,143 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\fr\img\going_online_loader.gif
[2009.06.26 18:15:08 | 000,003,545 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\fr\img\onlineloader_retry.gif
[2009.06.26 18:15:08 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\fr\swf\loader_web.swf
[2009.06.26 18:20:38 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\it\Online_Loader.html
[2009.06.26 18:15:14 | 000,003,186 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\it\img\going_online_loader.gif
[2009.06.26 18:15:14 | 000,003,368 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\it\img\onlineloader_retry.gif
[2009.06.26 18:15:12 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\it\swf\loader_web.swf
[2009.06.26 18:21:08 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\Online_Loader.html
[2009.06.26 18:15:02 | 000,003,160 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\img\going_online_loader.gif
[2009.06.26 18:15:02 | 000,003,054 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\img\onlineloader_retry.gif
[2009.06.26 18:15:00 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\swf\loader_web.swf
[2009.06.26 18:21:36 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh\Online_Loader.html
[2009.06.26 18:14:56 | 000,003,111 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh\img\going_online_loader.gif
[2009.06.26 18:14:56 | 000,003,092 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh\img\onlineloader_retry.gif
[2009.06.26 18:14:56 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh\swf\loader_web.swf
[2009.06.26 18:22:04 | 000,000,659 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\Online_Loader.html
[2009.06.26 18:14:54 | 000,002,778 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\img\going_online_loader.gif
[2009.06.26 18:14:54 | 000,003,219 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\img\onlineloader_retry.gif
[2009.06.26 18:14:54 | 000,000,600 | ---- | M] () -- \Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\swf\loader_web.swf
[2012.04.22 09:48:51 | 000,081,867 | ---- | M] () -- \Users\LesakMyBox\AppData\Local\SRDownloader.err
[2012.04.21 18:55:46 | 000,001,176 | ---- | M] () -- \Users\LesakMyBox\AppData\Local\SRDownloader.nast
[2010.09.22 14:16:48 | 000,005,273 | ---- | M] () -- \Users\LesakMyBox\AppData\Local\Microsoft\Toolbar\Applications\loader.xap
[2011.12.22 19:59:46 | 000,057,728 | ---- | M] () -- \Users\LesakMyBox\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2011.12.22 19:59:46 | 000,057,728 | ---- | M] () -- \Users\LesakMyBox\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2011.12.22 19:59:46 | 000,057,728 | ---- | M] () -- \Users\LesakMyBox\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2011.12.22 19:59:47 | 000,057,728 | ---- | M] () -- \Users\LesakMyBox\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2011.12.22 19:59:47 | 000,057,728 | ---- | M] () -- \Users\LesakMyBox\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2011.12.22 19:59:47 | 000,061,770 | ---- | M] () -- \Users\LesakMyBox\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2011.12.22 19:59:47 | 000,061,770 | ---- | M] () -- \Users\LesakMyBox\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2012.05.30 19:12:09 | 000,000,001 | ---- | M] () -- \Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\{F0B1CEAC-7C0D-407c-B25E-623D7CBECCCB}\youtubedownloader.lock
[2012.05.30 19:12:09 | 000,000,053 | ---- | M] () -- \Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\youtubedownloader@mybrowserbar.com
[2012.03.11 21:06:07 | 000,904,192 | ---- | M] () -- \Users\LesakMyBox\Desktop\SRDownloader.exe
[2011.08.12 18:11:57 | 015,917,077 | ---- | M] () -- \Users\LesakMyBox\Desktop\audio&video roztridit\Dance\VA Dance Club 2011\02-edward_maya_-_this_is_my_life_feat_vika_jigulina_(ruff_loaderz_club_mix)-nrg.mp3
[2011.03.06 03:28:52 | 007,233,054 | ---- | M] () -- \Users\LesakMyBox\Desktop\audio&video roztridit\Dance\VA Winter Dance Arena 2011\Edward Maya Feat. Vika Jigulina - This Is My Life (Ruff Loaderz Club Mix).mp3
[2007.01.04 02:26:20 | 000,003,095 | ---- | M] () -- \Users\LesakMyBox\Documents\Dokumenty Office\Tvorba WWW moje\html_text\nvu\components\uriloader.xpt
[2012.05.29 17:21:30 | 000,001,046 | ---- | M] () -- \Users\Public\Desktop\YTD YouTube Downloader & Converter.lnk
[2010.10.07 05:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.6029\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.10.07 05:36:40 | 000,265,552 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.6029\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 21:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.03.19 21:39:02 | 000,009,622 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009.03.19 21:45:38 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.03.19 21:39:02 | 000,009,622 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009.03.19 21:45:38 | 000,009,622 | ---- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:18:33 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 08:23:09 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:04:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:44:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.11.28 19:56:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.11.28 19:56:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.11.28 19:56:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.11.28 19:56:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.11.28 19:56:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.04.15 06:45:20 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.04.15 06:45:21 | 000,640,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winload.efi_75834aa0
[2011.04.15 06:45:21 | 000,603,976 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winload.exe_75835076
[2011.04.15 06:45:21 | 000,556,928 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winresume.efi_85cd069f
[2011.04.15 06:45:21 | 000,518,160 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.11.28 19:54:30 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:22:35 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:45:50 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:13:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2012.03.29 06:01:00 | 000,413,696 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\4.1.10329.0\System.Runtime.Serialization.dll
[2012.05.13 03:08:33 | 001,186,816 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\4.1.10329.0\System.Runtime.Serialization.ni.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.11.28 19:56:32 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.04.14 19:20:46 | 000,415,592 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.dll
[2010.04.14 19:20:46 | 000,141,168 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.Json.dll
[2010.04.14 19:20:46 | 000,321,376 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Xml.Serialization.dll
[2009.11.28 12:58:23 | 000,033,792 | ---- | M] () -- \Program Files\Java\jdk1.6.0_15\bin\serialver.exe
[2009.06.10 22:30:43 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.11.28 19:56:32 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.05.28 18:32:23 | 000,000,072 | ---- | M] () -- \Users\LesakMyBox\AppData\Local\Google\Picasa2\cache\cacheindex_serial.pmp
[2010.10.23 21:38:51 | 000,014,781 | ---- | M] () -- \Users\LesakMyBox\Desktop\Seznam - Film - Hudba - Dokument - DVD - Aktualni\Serialy\serialy.odt
[2010.10.23 21:38:57 | 000,015,410 | ---- | M] () -- \Users\LesakMyBox\Desktop\Seznam - Film - Hudba - Dokument - DVD - Aktualni\Serialy\serialy.pdf
[1999.12.22 15:35:00 | 000,003,982 | ---- | M] () -- \Users\LesakMyBox\Documents\Knihy - IT e-books megapack\Manuál WWW, PHP, Java\www_3\Návod HTML\Manual PHP\function.serialize.html
[1999.12.22 15:40:38 | 000,003,787 | ---- | M] () -- \Users\LesakMyBox\Documents\Knihy - IT e-books megapack\Manuál WWW, PHP, Java\www_3\Návod HTML\Manual PHP\function.unserialize.html
[1999.12.22 15:42:28 | 000,002,454 | ---- | M] () -- \Users\LesakMyBox\Documents\Knihy - IT e-books megapack\Manuál WWW, PHP, Java\www_3\Návod HTML\Manual PHP\function.wddx-deserialize.html
[1999.12.22 15:42:26 | 000,002,649 | ---- | M] () -- \Users\LesakMyBox\Documents\Knihy - IT e-books megapack\Manuál WWW, PHP, Java\www_3\Návod HTML\Manual PHP\function.wddx-serialize-value.html
[1999.12.22 15:42:26 | 000,003,824 | ---- | M] () -- \Users\LesakMyBox\Documents\Knihy - IT e-books megapack\Manuál WWW, PHP, Java\www_3\Návod HTML\Manual PHP\function.wddx-serialize-vars.html
[2000.08.22 09:07:14 | 000,004,038 | ---- | M] () -- \Users\LesakMyBox\Documents\Knihy - IT e-books megapack\PHP - programujeme profesionálně\PHP\Dokumentace\PHP Manual - HTML\function.serialize.html
[2000.08.22 09:07:14 | 000,003,830 | ---- | M] () -- \Users\LesakMyBox\Documents\Knihy - IT e-books megapack\PHP - programujeme profesionálně\PHP\Dokumentace\PHP Manual - HTML\function.unserialize.html
[2000.08.22 09:07:14 | 000,002,420 | ---- | M] () -- \Users\LesakMyBox\Documents\Knihy - IT e-books megapack\PHP - programujeme profesionálně\PHP\Dokumentace\PHP Manual - HTML\function.wddx-deserialize.html
[2000.08.22 09:07:14 | 000,002,575 | ---- | M] () -- \Users\LesakMyBox\Documents\Knihy - IT e-books megapack\PHP - programujeme profesionálně\PHP\Dokumentace\PHP Manual - HTML\function.wddx-serialize-value.html
[2000.08.22 09:07:14 | 000,003,952 | ---- | M] () -- \Users\LesakMyBox\Documents\Knihy - IT e-books megapack\PHP - programujeme profesionálně\PHP\Dokumentace\PHP Manual - HTML\function.wddx-serialize-vars.html
[2008.01.04 14:27:56 | 000,000,040 | ---- | M] () -- \Users\LesakMyBox\Documents\Návody na programy + rady pc\Nero-7.10.1.0\serial number.txt
[2007.07.17 20:07:52 | 000,043,008 | ---- | M] () -- \Users\LesakMyBox\Documents\Návody na programy + rady pc\Photoshop plna verze + crack + čeština\photoshop + crack\vse na photoshop ruzne progra.na CS3\Adobe CS3 Master Collection Serial ONLY.exe
[2008.04.18 03:29:34 | 000,004,704 | ---- | M] () -- \Users\LesakMyBox\Documents\Návody na programy + rady pc\Photoshop plna verze + crack + čeština\photoshop + crack\vse na photoshop ruzne progra.na CS3\MKDEV TEAM serial-Dreamweaver.NFO
[2007.04.20 22:39:14 | 000,004,754 | ---- | M] () -- \Users\LesakMyBox\Documents\Návody na programy + rady pc\Photoshop plna verze + crack + čeština\photoshop + crack\vse na photoshop ruzne progra.na CS3\Adobe Flash CS3 Video Encoder.MKDEV.TEAM\MKDEV TEAM serial.NFO
[2007.02.11 19:53:20 | 000,000,293 | ---- | M] () -- \Users\LesakMyBox\Documents\Návody na programy + rady pc\VSO DivXToDVD v1.99.18.47 + serial\serial.txt
[1999.12.22 16:35:00 | 000,003,982 | ---- | M] () -- \Users\LesakMyBox\Documents\PDF - video Excel rady & triky 2007\rady pro it\Manuál WWW, PHP, Java\www_3\Návod HTML\Manual PHP\function.serialize.html
[1999.12.22 16:40:38 | 000,003,787 | ---- | M] () -- \Users\LesakMyBox\Documents\PDF - video Excel rady & triky 2007\rady pro it\Manuál WWW, PHP, Java\www_3\Návod HTML\Manual PHP\function.unserialize.html
[1999.12.22 16:42:28 | 000,002,454 | ---- | M] () -- \Users\LesakMyBox\Documents\PDF - video Excel rady & triky 2007\rady pro it\Manuál WWW, PHP, Java\www_3\Návod HTML\Manual PHP\function.wddx-deserialize.html
[1999.12.22 16:42:26 | 000,002,649 | ---- | M] () -- \Users\LesakMyBox\Documents\PDF - video Excel rady & triky 2007\rady pro it\Manuál WWW, PHP, Java\www_3\Návod HTML\Manual PHP\function.wddx-serialize-value.html
[1999.12.22 16:42:26 | 000,003,824 | ---- | M] () -- \Users\LesakMyBox\Documents\PDF - video Excel rady & triky 2007\rady pro it\Manuál WWW, PHP, Java\www_3\Návod HTML\Manual PHP\function.wddx-serialize-vars.html
[2000.08.22 10:07:14 | 000,004,038 | ---- | M] () -- \Users\LesakMyBox\Documents\PDF - video Excel rady & triky 2007\rady pro it\PHP - programujeme profesionálně\PHP\Dokumentace\PHP Manual - HTML\function.serialize.html
[2000.08.22 10:07:14 | 000,003,830 | ---- | M] () -- \Users\LesakMyBox\Documents\PDF - video Excel rady & triky 2007\rady pro it\PHP - programujeme profesionálně\PHP\Dokumentace\PHP Manual - HTML\function.unserialize.html
[2000.08.22 10:07:14 | 000,002,420 | ---- | M] () -- \Users\LesakMyBox\Documents\PDF - video Excel rady & triky 2007\rady pro it\PHP - programujeme profesionálně\PHP\Dokumentace\PHP Manual - HTML\function.wddx-deserialize.html
[2000.08.22 10:07:14 | 000,002,575 | ---- | M] () -- \Users\LesakMyBox\Documents\PDF - video Excel rady & triky 2007\rady pro it\PHP - programujeme profesionálně\PHP\Dokumentace\PHP Manual - HTML\function.wddx-serialize-value.html
[2000.08.22 10:07:14 | 000,003,952 | ---- | M] () -- \Users\LesakMyBox\Documents\PDF - video Excel rady & triky 2007\rady pro it\PHP - programujeme profesionálně\PHP\Dokumentace\PHP Manual - HTML\function.wddx-serialize-vars.html
[2009.11.28 19:56:21 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.11.28 19:56:32 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.05.13 03:33:51 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\35fcbda2532ece23d09a044aa2ef62a4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.13 08:09:23 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3848d7865bda88a9e94e03480b5ada2f\System.Runtime.Serialization.ni.dll
[2012.05.13 03:41:56 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\3805923cd6a0d7c9c4c872c1ede4619d\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.13 08:35:46 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\f37d2ca916cafdabe1c4f6f9c6b2c518\System.Runtime.Serialization.ni.dll
[2012.05.13 08:28:26 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5a4d233916a69d48fa12a9f7f103d893\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.13 08:28:14 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll
[2012.05.13 08:33:05 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\4b540b784465ca3f0742990e5af444e3\System.Xml.Serialization.ni.dll
[2012.05.13 10:03:00 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\7590828d50338d512b11a4d3f87d69a2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.13 10:02:39 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\affb28e2d9cc3c19de0758e7e8c68e8f\System.Runtime.Serialization.ni.dll
[2012.05.13 10:10:11 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7fa267d10b2df6dbd00d00d130715f0a\System.Xml.Serialization.ni.dll
[2012.06.15 17:47:54 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.06.15 17:47:51 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.06.15 17:48:04 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.11.28 19:56:22 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.11.28 19:56:18 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.06.10 22:30:46 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.11.28 19:56:08 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.11.28 19:56:08 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.11.28 19:56:18 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.11.28 19:56:23 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.11.28 19:56:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2009.11.28 19:56:24 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 22:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2009.06.10 22:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2011.04.15 06:45:21 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.04.15 06:45:22 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933_kdcom.dll_db5e7744
[2009.11.28 19:56:51 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.11.28 19:56:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 15:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 15:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 04:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2009.07.14 04:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2009.11.28 19:55:24 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.11.28 19:56:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2009.11.28 19:56:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2009.11.28 19:56:22 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.11.28 19:56:08 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.11.28 19:56:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Files - Unicode (All) ==========
[2010.10.17 18:18:51 | 000,000,000 | ---D | M](C:\Users\LesakMyBox\AppData\Roaming\???????sAppData) -- C:\Users\LesakMyBox\AppData\Roaming\敎潲䍄敔灭慬整sAppData
[2010.10.17 18:18:51 | 000,000,000 | ---D | M](C:\Users\LesakMyBox\AppData\Roaming\???????sAppData) -- C:\Users\LesakMyBox\AppData\Roaming\敎潲䍄敔灭慬整sAppData
[2010.10.17 17:37:13 | 000,000,000 | ---D | C](C:\Users\LesakMyBox\AppData\Roaming\???????sAppData) -- C:\Users\LesakMyBox\AppData\Roaming\敎潲䍄敔灭慬整sAppData
(C:\Users\LesakMyBox\AppData\Roaming\???????sAppData) -- C:\Users\LesakMyBox\AppData\Roaming\敎潲䍄敔灭慬整sAppData

========== Alternate Data Streams ==========

@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:C1F4198F

< End of report >

Ted uz je cely. Ten druhy neni az tak dulezity, takze to nevadi.


Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem otl) Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

tady to je ..... vše proběhlo OK

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95CD0354-CA17-4DE6-9698-77B9BDADED5B}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95CD0354-CA17-4DE6-9698-77B9BDADED5B}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95CD0354-CA17-4DE6-9698-77B9BDADED5B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95CD0354-CA17-4DE6-9698-77B9BDADED5B}\ not found.
HKEY_USERS\S-1-5-21-43112493-3568498617-3430726471-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-43112493-3568498617-3430726471-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8172f457-818d-46db-941f-2bbe53e156af}\ not found.
Registry key HKEY_USERS\S-1-5-21-43112493-3568498617-3430726471-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9535AF12-1192-44A8-A8BA-E0F414F5B3D2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9535AF12-1192-44A8-A8BA-E0F414F5B3D2}\ not found.
Registry key HKEY_USERS\S-1-5-21-43112493-3568498617-3430726471-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E41F9848-5534-47C6-82EE-DBB2DDFF13B0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E41F9848-5534-47C6-82EE-DBB2DDFF13B0}\ not found.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\yasearch@yandex.ru\modules\foundation folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\yasearch@yandex.ru\modules folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\yasearch@yandex.ru\META-INF folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\yasearch@yandex.ru\defaults\preferences folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\yasearch@yandex.ru\defaults\dynamic-preferences folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\yasearch@yandex.ru\defaults folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\yasearch@yandex.ru\components folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\yasearch@yandex.ru\chrome folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\yasearch@yandex.ru\cbapp\parts\xb\ui folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\yasearch@yandex.ru\cbapp\parts\xb folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\yasearch@yandex.ru\cbapp\parts\platform folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\yasearch@yandex.ru\cbapp\parts\native folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\yasearch@yandex.ru\cbapp\parts folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\yasearch@yandex.ru\cbapp folder moved successfully.
C:\Users\LesakMyBox\AppData\Roaming\Mozilla\Firefox\Profiles\5al3i2yt.default\extensions\yasearch@yandex.ru folder moved successfully.
Registry value HKEY_USERS\S-1-5-21-43112493-3568498617-3430726471-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
C:\Users\LesakMyBox\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP\WiseCustomCalla.dll deleted successfully.
C:\Users\LesakMyBox\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP47DD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP680B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP840F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9A1.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBE64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF747.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP159.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1737.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2698.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3B0D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP446F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5A02.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6995.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7720.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP89A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9395.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA1AB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBB34.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD31A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE9AB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE9F1.tmp folder deleted successfully.
C:\Windows\Installer\MSI2FFB.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\9f1a5f9195e441d8246d35b540275b01\BIT59C7.tmp deleted successfully.
ADS C:\ProgramData\Temp:C1F4198F deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LesakMyBox
->Temp folder emptied: 247040 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 65546993 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 506 bytes

User: NET
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 63,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: LesakMyBox
->Flash cache emptied: 0 bytes

User: NET

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.49.0 log created on 06162012_193439

Files\Folders moved on Reboot...
C:\Users\LesakMyBox\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Nainstalujte Service Pack 1

Aktualizujte Internet Explorer, i kdyz jej treba nepouzivate



Vsechny tyto programy - vcetne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)
Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar, jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk
Stahnete napriklad program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci



Az vse provedete, napiste, jak to s pc vypada