Skype vir

Zpráva

majklef · #1 Příspěvek od **majklef** » 07 říj 2012 13:46

Ahoj...
Mohl bych poprosit o pomoc?
Bohužel se nám taky podařilo otevřít virový odkaz na skypu a ted už ho skype odesílá všem našim kontaktům...

Mohl bych moc poprosit o kontrolu logu a případnou pomoc?
Díky moc...

Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 5 GB (7%) free of 76 GB
Total RAM: 1023 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:30:12, on 7.10.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Windows\vsnp2std.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\CT24\ct24crawl.exe
C:\Program Files\Seznam.cz\bin\postak.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\BySoft FreeRAM\FreeRAM.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\PnkBstrB.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\AUDIODG.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Users\Masouni\AppData\Local\Opera\Opera\temporary_downloads\RSIT.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Masouni.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2475029
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - (no file)
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\listicka.dll
O3 - Toolbar: (no name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - (no file)
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ct24crawl] C:\Program Files\CT24\ct24crawl.exe
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [BySoft FreeRAM] C:\Program Files\BySoft FreeRAM\FreeRAM.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: InterCasino EUR - {9536DF30-CF04-4A89-B26B-4781E242230C} - http://www.intercasino.com/?utm_source= ... d-casino-l (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: InterCasino EUR - {9536DF30-CF04-4A89-B26B-4781E242230C} - http://www.intercasino.com/?utm_source= ... d-casino-l (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

--
End of file - 14011 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1285935003-2300882945-1030792899-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1285935003-2300882945-1030792899-1001UA.job
C:\Windows\tasks\RMSchedule.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Masouni\AppData\Roaming\Mozilla\Firefox\Profiles\a7thh2ja.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{ea614400-e918-4741-9a97-7a972ff7c30b}"=C:\Program Files\Seznam.cz\firefox

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.265 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198]
"Description"=15.0.0.198
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
xmlfiller@software602.cz
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIFillerPlugin.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npfiller.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
nprjplug.dll
nprpjplug.dll
nsjsrealplayerplugin.xpt
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
fcmdSrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Masouni\AppData\Roaming\Mozilla\Firefox\Profiles\a7thh2ja.default\extensions\
engine@conduit.com
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{ada4b710-8346-4b82-8199-5de2b400a6ae}

C:\Users\Masouni\AppData\Roaming\Mozilla\Firefox\Profiles\a7thh2ja.default\searchplugins\
icqplugin.xml
inbox-hledn.xml
wot-safe-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-12-07 425680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2009-11-25 202080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\bin\listicka.dll [2012-04-16 1508376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7b13ec3e-999a-4b70-b9cb-2617b8323822}
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2009-11-25 1496408]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll [2012-04-16 188952]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"googletalk"=C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-07-27 1983816]
"snp2std"=C:\Windows\vsnp2std.exe [2006-09-15 675840]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"SSDMonitor"=C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2012-03-21 103896]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-03-07 3117344]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-09-07 766536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ct24crawl"=C:\Program Files\CT24\ct24crawl.exe [2010-08-09 929280]
"Seznam Postak"=C:\Program Files\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]
"BySoft FreeRAM"=C:\Program Files\BySoft FreeRAM\FreeRAM.exe [2007-09-28 318976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileHippo.com]
C:\Program Files\FileHippo.com\UpdateChecker.exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Masouni\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-03 135664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime Alternative\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SRDownloader]
D:\SRDownloader.exe [2011-03-12 995328]

C:\Users\Masouni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
SpeedFan.lnk - C:\Program Files\SpeedFan\speedfan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.WMV3"=wmv9vcm.dll
"vidc.tscc"=tsccvid.dll
"vidc.XVID"=xvidvfw.dll
"msacm.aacacm"=AACACM.acm
"msacm.lameacm"=lameACM.acm
"msacm.ac3acm"=ac3acm.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.x264"=x264vfw.dll
"msacm.ac3filter"=ac3filter.acm
"msacm.avis"=ff_acm.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\System32\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\System32\CScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-10-07 14:29:40 ----D---- C:\Program Files\trend micro
2012-10-07 14:29:34 ----D---- C:\rsit
2012-10-07 13:56:37 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2012-10-07 13:56:05 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-10-07 13:56:05 ----A---- C:\Windows\system32\drivers\mbam.sys
2012-10-07 13:46:12 ----A---- C:\Users\Masouni\AppData\Roaming\E348.exe
2012-10-07 13:40:39 ----A---- C:\Users\Masouni\AppData\Roaming\D19B.exe
2012-10-07 13:39:11 ----D---- C:\Users\Masouni\AppData\Roaming\ESET
2012-10-07 13:36:31 ----A---- C:\Users\Masouni\AppData\Roaming\7A7.exe
2012-10-07 13:33:52 ----D---- C:\ProgramData\ESET
2012-10-07 13:33:52 ----D---- C:\Program Files\ESET
2012-10-07 12:43:58 ----A---- C:\Users\Masouni\AppData\Roaming\EC68.exe
2012-10-07 10:49:18 ----A---- C:\Users\Masouni\AppData\Roaming\EED5.exe
2012-10-07 10:18:00 ----A---- C:\Users\Masouni\AppData\Roaming\4868.exe
2012-10-07 10:14:38 ----A---- C:\Users\Masouni\AppData\Roaming\32D4.exe

======List of files/folders modified in the last 1 month======

2012-10-07 14:29:55 ----D---- C:\Windows\Prefetch
2012-10-07 14:29:43 ----D---- C:\Windows\Temp
2012-10-07 14:29:40 ----RD---- C:\Program Files
2012-10-07 13:57:02 ----D---- C:\Windows\system32\drivers
2012-10-07 13:40:13 ----D---- C:\Windows\system32\config
2012-10-07 13:38:26 ----SHD---- C:\Windows\Installer
2012-10-07 13:35:59 ----D---- C:\Windows\inf
2012-10-07 13:35:56 ----D---- C:\Windows\system32\catroot
2012-10-07 13:35:55 ----D---- C:\Windows\system32\DriverStore
2012-10-07 13:33:52 ----HD---- C:\ProgramData
2012-10-07 13:29:55 ----SHD---- C:\System Volume Information
2012-10-07 13:15:29 ----D---- C:\Users\Masouni\AppData\Roaming\Skype
2012-10-07 08:15:05 ----D---- C:\Program Files\SpeedFan
2012-10-04 06:29:22 ----D---- C:\Windows\System32
2012-10-04 06:29:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-09-25 22:05:56 ----SD---- C:\Users\Masouni\AppData\Roaming\Microsoft
2012-09-20 19:13:15 ----D---- C:\Users\Masouni\AppData\Roaming\Zoner
2012-09-20 19:12:11 ----D---- C:\Program Files\Zoner
2012-09-14 19:00:04 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-09-14 09:33:56 ----D---- C:\Program Files\Mozilla Firefox
2012-09-13 16:33:23 ----D---- C:\Program Files\Microsoft Games
2012-09-09 22:31:04 ----D---- C:\Users\Masouni\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 50624]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2010-12-18 21696]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-06-26 477240]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 169080]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 120152]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 33656]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2010-01-29 82320]
R2 cpuz133;cpuz133; \??\C:\Windows\system32\drivers\cpuz133_x32.sys [2010-05-11 20072]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-03-14 148504]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x86.sys [2009-10-13 49152]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-09-07 22856]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2012-10-07 40776]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\Windows\system32\DRIVERS\snp2sxp.sys [2007-01-26 12028032]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2011-10-31 10064]
S3 AF15BDA;WinFast DTV Dongle Gold BDA Device; C:\Windows\system32\DRIVERS\AF15BDA.sys [2010-06-22 493312]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\fxxandroidusb.sys [2010-10-14 25728]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 btaudio;Bluetooth Audio Device; C:\Windows\system32\drivers\btaudio.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\Windows\system32\DRIVERS\btport.sys []
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 BTKRNL;Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\btkrnl.sys []
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-04-14 45736]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\Windows\system32\DRIVERS\btwdndis.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\Windows\System32\Drivers\btwusb.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys [2007-09-25 15152]
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [2011-02-27 23456]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\FXX\qcusbser.sys [2010-10-14 103424]
S3 RAMDiskVE;RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\Windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 snpstd2;Trust WB-3400T Webcam; C:\Windows\system32\DRIVERS\snpstd2.sys [2004-10-14 347264]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2012-03-07 913144]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-03-21 793048]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-01-07 75136]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2011-05-07 214520]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-11-02 1479488]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-04 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-07 250568]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-04 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-08-13 182768]
S3 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-14 114144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-03-04 621056]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-03 1343400]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 07 říj 2012 14:38

Zdravim

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe

Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe

Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Na plose vznikne log Rkill.txt ten mi sem vlozte
Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

majklef · #3 Příspěvek od **majklef** » 07 říj 2012 14:43

Ahoj.Díky moc za tak rychlou odpověd a pomoc.Takže ten ksindl už je u nás v pc jestli to dobře chápu?
Tak to je asi první infiltrace takového rozsahu:-(
Ještě jednou moc díky za pomoc...jdu zkusit podle návodu opravovat napáchaně škody...

#4 Příspěvek od **vyosek** » 07 říj 2012 14:45

Ano, je tam

majklef · #5 Příspěvek od **majklef** » 07 říj 2012 15:44

Ahoj.
Tak Rkill proběhl a log je zde:

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/07/2012 04:07:02 PM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* C:\Windows\System32\user32.dll [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll : 811 520 : 07/14/2009 00:16 AM : 34b7e222e81fafa885f0c5f2cfa56861 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll : 811 520 : 11/20/2010 01:21 PM : f1dd3acaee5e6b4bbc69bc6df75cef66 [Pos Repl]

Checking HOSTS File:

* No issues found.

Program finished at: 10/07/2012 04:08:53 PM
Execution time: 0 hours(s), 1 minute(s), and 51 seconds(s)

U Combofixu se vyskytl problém asi oprostřed skenu,program nemohl něco přečíst:-( Přikládám screen.A výsledný txt soubor také pod složkou C:\ComboFix.txt není:-(
To bych nebyl já,aby nebyl další problém:-(
Mohl bych moc poprosit zase o pomoc?
Díky moc

#6 Příspěvek od **vyosek** » 07 říj 2012 18:07

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku[

[/list]

majklef · #7 Příspěvek od **majklef** » 07 říj 2012 20:57

Ještě jednou díky za pomoc...
OTL proběhlo,trvalo to asi 2 hodiny a proběhl v pořádku..

OTL logfile created on: 7.10.2012 19:40:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Masouni\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,24 Mb Total Physical Memory | 348,15 Mb Available Physical Memory | 34,02% Memory free
2,00 Gb Paging File | 0,77 Gb Available in Paging File | 38,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 15,72 Gb Free Space | 21,10% Space Free | Partition Type: NTFS
Drive D: | 149,04 Gb Total Space | 7,74 Gb Free Space | 5,19% Space Free | Partition Type: NTFS

Computer Name: MASOUNI | User Name: Masouni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.10.07 19:38:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Masouni\Desktop\OTL.exe
PRC - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.02 09:29:50 | 000,874,896 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.03.21 12:23:14 | 000,793,048 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2012.03.21 12:23:12 | 000,103,896 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2012.03.07 15:40:28 | 003,117,344 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2012.01.10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\postak.exe
PRC - [2011.12.07 23:23:19 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- c:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011.11.02 21:29:20 | 001,479,488 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2011.11.02 21:29:20 | 001,212,224 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2011.03.17 12:50:42 | 004,523,928 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files\SpeedFan\speedfan.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:16:54 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2010.08.09 23:47:50 | 000,929,280 | ---- | M] () -- C:\Program Files\CT24\ct24crawl.exe
PRC - [2010.04.14 12:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.07.27 04:10:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007.09.28 14:32:40 | 000,318,976 | ---- | M] (BySoft) -- C:\Program Files\BySoft FreeRAM\FreeRAM.exe
PRC - [2007.01.01 23:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe
PRC - [2006.09.15 14:21:54 | 000,675,840 | ---- | M] (Sonix) -- C:\Windows\vsnp2std.exe

========== Modules (No Company Name) ==========

MOD - [2012.10.07 17:40:21 | 000,192,512 | ---- | M] () -- C:\Users\Masouni\AppData\Local\Temp\sfamcc00001.dll
MOD - [2012.10.07 17:40:20 | 000,172,032 | ---- | M] () -- C:\Users\Masouni\AppData\Local\Temp\sfareca00001.dll
MOD - [2012.09.07 14:22:11 | 009,813,704 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_265.dll
MOD - [2012.09.02 09:29:59 | 000,783,360 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll
MOD - [2012.09.02 09:29:59 | 000,316,928 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2012.09.02 09:29:59 | 000,276,480 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2012.09.02 09:29:59 | 000,168,448 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2012.09.02 09:29:59 | 000,099,840 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2012.09.02 09:29:59 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2012.09.02 09:29:59 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2012.09.02 09:29:59 | 000,078,336 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2012.09.02 09:29:59 | 000,076,800 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2012.09.02 09:29:59 | 000,068,608 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2012.09.02 09:29:59 | 000,064,000 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2012.09.02 09:29:59 | 000,046,592 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2012.09.02 09:29:59 | 000,045,568 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2012.04.16 17:35:52 | 000,818,712 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\email.4.dll
MOD - [2012.04.16 17:35:00 | 001,152,024 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\core.4.dll
MOD - [2012.01.10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\postak.exe
MOD - [2010.08.09 23:47:50 | 000,929,280 | ---- | M] () -- C:\Program Files\CT24\ct24crawl.exe
MOD - [2009.08.16 18:06:04 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

========== Services (SafeList) ==========

SRV - [2012.09.14 09:22:51 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.07 14:22:12 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.03 01:50:20 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012.03.21 12:23:14 | 000,793,048 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2011.11.02 21:29:20 | 001,479,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.04.14 12:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) [Auto | Running] -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.03.04 12:25:12 | 000,621,056 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2007.05.31 17:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RAMDiskVE.sys -- (RAMDiskVE)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btkrnl.sys -- (BTKRNL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (azpnplw5)
DRV - [2012.10.07 17:10:41 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.06.26 02:06:21 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2012.03.14 08:40:04 | 000,148,504 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2012.03.14 08:40:02 | 000,169,080 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2012.03.14 08:40:02 | 000,120,152 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2012.03.14 08:40:02 | 000,050,624 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2012.03.14 08:40:02 | 000,033,656 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2011.10.31 16:00:20 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.02.27 00:32:55 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2010.12.18 13:03:56 | 000,021,696 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2010.11.26 18:02:20 | 000,015,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 12:06:36 | 000,117,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.10.14 10:08:13 | 000,103,424 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FXX\qcusbser.sys -- (qcusbser)
DRV - [2010.10.14 10:08:13 | 000,025,728 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fxxandroidusb.sys -- (androidusb)
DRV - [2010.06.22 03:11:00 | 000,493,312 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2010.05.11 12:00:34 | 000,020,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz133_x32.sys -- (cpuz133)
DRV - [2010.04.14 02:01:48 | 000,045,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2010.02.11 09:42:22 | 004,450,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010.02.03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.01.29 12:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2009.10.13 03:16:02 | 000,049,152 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\l160x86.sys -- (AtcL001)
DRV - [2008.08.26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.09.25 16:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2007.04.23 13:54:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s115mgmt.sys -- (s115mgmt)
DRV - [2007.04.23 13:54:50 | 000,098,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s115obex.sys -- (s115obex)
DRV - [2007.04.23 13:54:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s115mdm.sys -- (s115mdm)
DRV - [2007.04.23 13:54:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s115mdfl.sys -- (s115mdfl)
DRV - [2007.04.23 13:54:46 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s115bus.sys -- (s115bus)
DRV - [2007.01.26 17:48:28 | 012,028,032 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2sxp.sys -- (SNP2STD)
DRV - [2006.12.05 12:34:42 | 000,507,136 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2006.11.10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
DRV - [2004.10.14 18:12:02 | 000,347,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd2.sys -- (snpstd2)
DRV - [2004.08.13 10:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2475029

IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2475029
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BE 92 17 A1 EF F4 CA 01 [binary data]
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No CLSID value found
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No CLSID value found
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A}
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{03596038-44cc-44fc-bfb8-96db136931c2}: "URL" = http://www.mapy.cz/?query={searchTerms} ... kSearch_12
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... DF221D2C7B
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60076
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{4ff617c4-d445-4e01-991f-477804c4d65d}: "URL" = http://search.seznam.cz/?q={searchTerms ... kSearch_12
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... }&ch_id=sm
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... 1I7IRFC_cs
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2475029
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox.com/search/dispatc ... 093&lng=cs
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{C9211A97-08FF-489F-B34D-8778D476EEE0}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{df010eae-abf8-491c-b13e-f8a6aff9b86e}: "URL" = http://www.firmy.cz/phr/{searchTerms}?s ... kSearch_12
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{e255001a-e12b-4bef-a125-42e6ec0e816c}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... kSearch_12
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledAddons: {ada4b710-8346-4b82-8199-5de2b400a6ae}:2.0.1
FF - prefs.js..extensions.enabledAddons: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.2.1
FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120926

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Masouni\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Masouni\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.12.07 23:24:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ea614400-e918-4741-9a97-7a972ff7c30b}: C:\Program Files\Seznam.cz\firefox [2012.05.06 15:20:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.14 09:22:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.18 07:25:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012.10.07 13:34:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{ea614400-e918-4741-9a97-7a972ff7c30b}: C:\Program Files\Seznam.cz\firefox [2012.05.06 15:20:32 | 000,000,000 | ---D | M]

[2010.08.09 19:48:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Masouni\AppData\Roaming\Mozilla\Extensions
[2012.10.04 09:33:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Masouni\AppData\Roaming\Mozilla\Firefox\Profiles\a7thh2ja.default\extensions
[2012.09.14 14:25:20 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Masouni\AppData\Roaming\Mozilla\Firefox\Profiles\a7thh2ja.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.10.04 09:33:19 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Masouni\AppData\Roaming\Mozilla\Firefox\Profiles\a7thh2ja.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.09.03 00:05:01 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Users\Masouni\AppData\Roaming\Mozilla\Firefox\Profiles\a7thh2ja.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011.09.07 22:51:06 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Masouni\AppData\Roaming\Mozilla\Firefox\Profiles\a7thh2ja.default\extensions\engine@conduit.com
[2011.03.22 21:04:02 | 000,330,316 | ---- | M] () (No name found) -- C:\Users\Masouni\AppData\Roaming\Mozilla\Firefox\Profiles\a7thh2ja.default\extensions\personas@christopher.beard.xpi
[2010.02.02 16:29:00 | 000,063,401 | ---- | M] () (No name found) -- C:\Users\Masouni\AppData\Roaming\Mozilla\Firefox\Profiles\a7thh2ja.default\extensions\wagerlogic.xpi
[2012.07.25 17:39:53 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Masouni\AppData\Roaming\Mozilla\Firefox\Profiles\a7thh2ja.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.08.10 23:32:56 | 000,000,822 | ---- | M] () (No name found) -- C:\Users\Masouni\AppData\Roaming\Mozilla\Firefox\Profiles\a7thh2ja.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}\defaults\printing\xpi-details.xsl
[2012.10.03 23:10:53 | 000,001,056 | ---- | M] () -- C:\Users\Masouni\AppData\Roaming\Mozilla\Firefox\Profiles\a7thh2ja.default\searchplugins\icqplugin.xml
[2011.04.05 14:35:53 | 000,002,305 | ---- | M] () -- C:\Users\Masouni\AppData\Roaming\Mozilla\Firefox\Profiles\a7thh2ja.default\searchplugins\inbox-hledn.xml
[2012.10.03 23:10:53 | 000,002,112 | ---- | M] () -- C:\Users\Masouni\AppData\Roaming\Mozilla\Firefox\Profiles\a7thh2ja.default\searchplugins\wot-safe-search.xml
[2012.05.08 01:28:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.05.08 01:28:14 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.12.27 15:12:49 | 000,000,000 | ---D | M] ("602XML Filler") -- C:\Program Files\Mozilla Firefox\extensions\xmlfiller@software602.cz
[2012.09.14 09:22:52 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.03.29 14:04:14 | 000,081,920 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npfiller.dll
[2011.04.17 17:01:05 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2012.03.27 15:01:56 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.03.27 15:01:56 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.03.11 23:07:07 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012.03.27 15:01:56 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.03.27 15:01:56 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.03.27 15:01:56 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://start.facemoods.com/?a=ddrnw
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Masouni\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Masouni\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Masouni\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Google Translate = C:\Users\Masouni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.3.1_0\
CHR - Extension: Google Translate = C:\Users\Masouni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Angry Birds = C:\Users\Masouni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Masouni\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\Masouni\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\

O1 HOSTS File: ([2010.03.27 08:28:59 | 000,000,886 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Lištička) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No CLSID value found.
O3 - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\Toolbar\WebBrowser: (Nástroje Lištičky) - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
O3 - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [snp2std] C:\Windows\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001..\Run: [BySoft FreeRAM] C:\Program Files\BySoft FreeRAM\FreeRAM.exe (BySoft)
O4 - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001..\Run: [ct24crawl] C:\Program Files\CT24\ct24crawl.exe ()
O4 - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001..\Run: [Seznam Postak] C:\Program Files\Seznam.cz\bin\postak.exe ()
O4 - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001..\Run: [Wqiciy] C:\Users\Masouni\AppData\Roaming\Wqiciy.exe File not found
O4 - Startup: C:\Users\Masouni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Send To &Bluetooth - Reg Error: Value error. File not found
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..Trusted Domains: localhost ([]http in Internet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.101.1 192.168.102.1 212.24.128.8 212.24.132.132
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CEDE223A-9CAE-4724-B249-439D3E879F58}: DhcpNameServer = 192.168.101.1 192.168.102.1 212.24.128.8 212.24.132.132
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{64ad1d2b-d1d9-11e1-a340-0018f303b748}\Shell - "" = AutoRun
O33 - MountPoints2\{64ad1d2b-d1d9-11e1-a340-0018f303b748}\Shell\AutoRun\command - "" = E:\Setup.exe
O33 - MountPoints2\{64ad1d3a-d1d9-11e1-a340-0018f303b748}\Shell - "" = AutoRun
O33 - MountPoints2\{64ad1d3a-d1d9-11e1-a340-0018f303b748}\Shell\AutoRun\command - "" = E:\Setup.exe
O33 - MountPoints2\{f40e2d32-c316-11de-9b02-0018f303b748}\Shell - "" = AutoRun
O33 - MountPoints2\{f40e2d32-c316-11de-9b02-0018f303b748}\Shell\AutoRun\command - "" = I:\autorun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Setup.exe
O33 - MountPoints2\V\Shell - "" = AutoRun
O33 - MountPoints2\V\Shell\AutoRun\command - "" = V:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.aacacm - C:\Windows\System32\AACACM.acm (fccHandler)
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\System32\ff_acm.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\Windows\System32\lagarith.dll ( )
Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.WMV3 - C:\Windows\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.x264 - C:\Windows\System32\x264vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.10.07 19:38:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Masouni\Desktop\OTL.exe
[2012.10.07 17:56:01 | 000,000,000 | R--D | C] -- C:\Users\Masouni\Videos
[2012.10.07 17:08:13 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.10.07 16:15:05 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.10.07 15:58:39 | 001,678,240 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Masouni\Desktop\rkill.com
[2012.10.07 14:29:40 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.10.07 13:56:37 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.10.07 13:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.07 13:56:05 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.10.07 13:56:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.10.07 13:39:11 | 000,000,000 | ---D | C] -- C:\Users\Masouni\AppData\Roaming\ESET
[2012.10.07 13:39:11 | 000,000,000 | ---D | C] -- C:\Users\Masouni\AppData\Local\ESET
[2012.10.07 13:33:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012.10.07 13:33:52 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012.10.07 13:33:52 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.06.10 00:01:13 | 004,344,335 | ---- | C] (Avi to Mpeg ) -- C:\Program Files\avitompeg_setup.exe
[2012.06.10 00:00:57 | 035,779,272 | ---- | C] (Movavi) -- C:\Program Files\MovaviVideoConverterSetup.exe
[2011.10.05 14:41:40 | 048,063,952 | ---- | C] (Jalbum AB) -- C:\Program Files\jAlbum-install.exe
[2011.07.03 22:59:27 | 014,276,088 | ---- | C] (Google Inc.) -- C:\Program Files\picasa38-setup.exe
[2011.05.18 22:56:07 | 008,147,144 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mseinstall.exe
[2011.05.16 22:45:56 | 002,566,074 | ---- | C] (Mgr. Radovan Kraus ) -- C:\Program Files\PrintEnvelopeSetup3102.exe
[2011.05.09 22:47:20 | 037,033,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\AdbeRdr1000_cs_CZ.exe
[2010.12.06 23:58:02 | 012,442,560 | ---- | C] (ICQ) -- C:\Program Files\install_icq7.exe
[2010.11.27 15:31:15 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Masouni\AppData\Roaming\pcouffin.sys
[2010.09.26 18:55:17 | 009,591,104 | ---- | C] (DT Soft Ltd.) -- C:\Program Files\DTLite4356-0091.exe
[2010.09.25 17:52:54 | 000,710,939 | ---- | C] (Erika a.s. ) -- C:\Program Files\crawl.exe
[2010.09.04 22:12:27 | 099,710,192 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Program Files\10-2_legacy_vista32-64_dd_ccc.exe
[2010.08.09 19:46:18 | 008,404,432 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 3.6.8.exe
[2010.05.21 18:14:15 | 007,284,032 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mssefullinstall-x86fre-cs-cz-vista-win7.exe
[2010.05.15 21:51:40 | 054,470,616 | ---- | C] (Online Media Technologies Ltd. ) -- C:\Program Files\AVSVideoConverter.exe
[2010.04.01 09:55:03 | 011,902,560 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mssefullinstall-x86fre-cs-cz-xp.exe
[10 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.10.07 19:46:14 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.10.07 19:38:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Masouni\Desktop\OTL.exe
[2012.10.07 18:19:47 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\ReclaimerResumeInstall_Masouni.job
[2012.10.07 17:57:40 | 000,155,136 | ---- | M] () -- C:\Users\Masouni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.10.07 17:39:03 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.07 17:38:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.07 17:37:23 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.07 17:37:22 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.07 17:30:17 | 000,000,000 | ---- | M] () -- C:\Users\Masouni\AppData\Roaming\FileOut.cns
[2012.10.07 17:30:17 | 000,000,000 | ---- | M] () -- C:\Users\Masouni\AppData\Roaming\FileIn.cns
[2012.10.07 17:24:14 | 000,287,721 | ---- | M] () -- C:\mazec.png
[2012.10.07 17:10:41 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.10.07 16:45:33 | 000,214,102 | ---- | M] () -- C:\scan.jpg
[2012.10.07 16:14:41 | 000,634,356 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.10.07 16:14:41 | 000,618,740 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.07 16:14:41 | 000,122,932 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.10.07 16:14:41 | 000,107,060 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.07 15:58:39 | 001,678,240 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Masouni\Desktop\rkill.com
[2012.10.07 13:56:15 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.07 10:49:18 | 000,000,369 | ---- | M] () -- C:\Users\Masouni\AppData\Roaming\EED5.exe
[2012.10.07 01:40:02 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[10 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.10.07 19:46:14 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.10.07 18:19:45 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\ReclaimerResumeInstall_Masouni.job
[2012.10.07 17:24:13 | 000,287,721 | ---- | C] () -- C:\mazec.png
[2012.10.07 16:30:51 | 000,214,102 | ---- | C] () -- C:\scan.jpg
[2012.10.07 13:56:15 | 000,001,089 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.07 10:49:18 | 000,000,369 | ---- | C] () -- C:\Users\Masouni\AppData\Roaming\EED5.exe
[2012.09.07 16:28:04 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2012.09.05 18:57:27 | 000,000,000 | ---- | C] () -- C:\Users\Masouni\AppData\Roaming\FileOut.cns
[2012.09.05 18:57:27 | 000,000,000 | ---- | C] () -- C:\Users\Masouni\AppData\Roaming\FileIn.cns
[2012.09.03 01:12:25 | 000,000,032 | ---- | C] () -- C:\Windows\System32\thxcfg.ini
[2012.06.09 18:42:41 | 003,140,608 | ---- | C] () -- C:\Program Files\Dataram_RAMDisk_V3.5.130RC13a.msi
[2012.06.09 18:33:24 | 000,447,043 | ---- | C] () -- C:\Program Files\BySoftFreeRAM32.exe
[2012.04.15 14:19:22 | 000,709,265 | ---- | C] () -- C:\Program Files\wmv2-1.9.8.exe
[2012.04.15 04:23:32 | 000,015,672 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2012.03.11 18:01:31 | 000,059,392 | R--- | C] () -- C:\Windows\System32\streamhlp.dll
[2012.01.08 23:16:45 | 000,032,768 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2011.12.16 17:28:15 | 000,123,392 | ---- | C] () -- C:\Windows\System32\UnCasino5.exe
[2011.10.16 21:14:51 | 000,028,672 | ---- | C] () -- C:\Windows\gscr.dll
[2011.07.06 09:12:17 | 000,000,335 | ---- | C] () -- C:\Program Files\Guliwer.ini
[2011.07.06 09:11:57 | 000,089,080 | ---- | C] () -- C:\Program Files\InstallCZ.bmp
[2011.07.06 09:11:56 | 000,010,739 | ---- | C] () -- C:\Program Files\install.ini
[2011.07.06 09:03:58 | 000,159,744 | ---- | C] () -- C:\Program Files\Uninstall.exe
[2011.07.06 09:03:56 | 004,230,936 | ---- | C] () -- C:\Program Files\muza3.wav
[2011.07.06 09:03:54 | 004,234,280 | ---- | C] () -- C:\Program Files\muza2.wav
[2011.07.06 09:03:52 | 003,615,804 | ---- | C] () -- C:\Program Files\muza1.wav
[2011.07.04 17:04:27 | 006,369,280 | ---- | C] () -- C:\Program Files\vlc-1.1.10-win32.exe
[2011.07.03 23:12:01 | 013,943,672 | ---- | C] () -- C:\Program Files\GoogleEarthWin.exe
[2011.04.21 23:46:20 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.04.21 23:43:55 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.03.21 21:26:19 | 000,155,136 | ---- | C] () -- C:\Users\Masouni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.11 11:41:08 | 003,181,056 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2011.03.07 06:08:32 | 000,073,216 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.02.25 13:18:48 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.02.25 13:14:12 | 000,631,808 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.02.15 16:30:10 | 000,121,344 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2011.02.14 07:28:09 | 000,016,212 | ---- | C] () -- C:\Users\Masouni\AppData\Local\SRDownloader.err
[2011.02.13 21:41:52 | 000,001,352 | ---- | C] () -- C:\Users\Masouni\AppData\Local\SRDownloader.nast
[2010.12.10 21:45:18 | 001,783,827 | ---- | C] () -- C:\Users\Masouni\DSCN0814.JPG
[2010.12.10 21:44:52 | 002,193,481 | ---- | C] () -- C:\Users\Masouni\DSCN0818.JPG
[2010.12.10 21:44:52 | 002,101,385 | ---- | C] () -- C:\Users\Masouni\DSCN0817.JPG
[2010.12.10 21:44:52 | 002,056,320 | ---- | C] () -- C:\Users\Masouni\DSCN0822.JPG
[2010.12.10 21:44:52 | 002,031,211 | ---- | C] () -- C:\Users\Masouni\DSCN0830.JPG
[2010.12.10 21:44:52 | 002,029,338 | ---- | C] () -- C:\Users\Masouni\DSCN0829.JPG
[2010.12.10 21:44:52 | 001,848,185 | ---- | C] () -- C:\Users\Masouni\DSCN0821.JPG
[2010.12.10 21:44:52 | 001,704,170 | ---- | C] () -- C:\Users\Masouni\DSCN0815.JPG
[2010.12.10 21:44:50 | 001,519,488 | ---- | C] () -- C:\Users\Masouni\DSCN0844.JPG
[2010.12.10 21:44:46 | 001,999,892 | ---- | C] () -- C:\Users\Masouni\DSCN0872.JPG
[2010.12.10 21:44:46 | 001,944,993 | ---- | C] () -- C:\Users\Masouni\DSCN0869.JPG
[2010.12.10 21:44:46 | 001,486,705 | ---- | C] () -- C:\Users\Masouni\DSCN0870.JPG
[2010.12.04 22:48:06 | 002,086,157 | ---- | C] () -- C:\Users\Masouni\DSCN0784.JPG
[2010.12.04 22:48:06 | 002,068,013 | ---- | C] () -- C:\Users\Masouni\DSCN0793.JPG
[2010.12.04 22:48:06 | 001,293,668 | ---- | C] () -- C:\Users\Masouni\DSCN0775.JPG
[2010.12.04 22:48:06 | 001,228,311 | ---- | C] () -- C:\Users\Masouni\DSCN0795.JPG
[2010.12.04 22:48:06 | 001,002,462 | ---- | C] () -- C:\Users\Masouni\DSCN0776.JPG
[2010.11.27 15:31:15 | 000,081,920 | ---- | C] () -- C:\Users\Masouni\AppData\Roaming\ezpinst.exe
[2010.11.27 15:31:15 | 000,007,176 | ---- | C] () -- C:\Users\Masouni\AppData\Roaming\pcouffin.cat
[2010.11.27 15:31:15 | 000,001,144 | ---- | C] () -- C:\Users\Masouni\AppData\Roaming\pcouffin.inf
[2010.10.18 21:29:36 | 019,700,389 | ---- | C] ( ) -- C:\Program Files\K-Lite_Codec_Pack_640_Mega.exe
[2010.09.11 00:14:46 | 000,000,416 | ---- | C] () -- C:\ProgramData\HashFileen.hsh
[2010.09.11 00:03:32 | 000,535,656 | ---- | C] () -- C:\ProgramData\HashFile.hsh
[2010.07.18 14:37:55 | 000,000,389 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010.06.10 15:37:18 | 003,074,560 | ---- | C] () -- C:\Program Files\openofficeorg32.msi
[2010.06.10 15:37:18 | 000,000,290 | ---- | C] () -- C:\Program Files\setup.ini
[2010.05.16 13:36:34 | 000,007,603 | ---- | C] () -- C:\Users\Masouni\AppData\Local\Resmon.ResmonCfg
[2009.12.27 22:50:07 | 000,138,056 | ---- | C] () -- C:\Users\Masouni\AppData\Roaming\PnkBstrK.sys
[2004.05.28 09:40:42 | 000,086,016 | ---- | C] () -- C:\Program Files\Guliwer.exe

========== ZeroAccess Check ==========

[2012.08.10 23:32:56 | 000,000,596 | ---- | M] () -- C:\Users\Masouni\AppData\Roaming\Mozilla\Firefox\Profiles\a7thh2ja.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}\defaults\printing\icons\@.png
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.01.04 10:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.12.27 15:13:11 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\602XML
[2010.02.17 14:51:02 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Allstar
[2010.02.04 18:01:30 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Ashampoo
[2012.07.26 18:59:39 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Broad Intelligence
[2011.07.24 04:13:36 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\BSplayer
[2011.06.04 18:50:45 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\BSplayer Pro
[2011.02.06 19:09:14 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Canneverbe Limited
[2010.06.12 23:31:48 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Canon
[2010.02.01 23:12:09 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Cashfiesta
[2011.10.05 16:58:04 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.09.25 17:53:31 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\ct24crawl
[2012.09.05 16:21:58 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\DAEMON Tools Lite
[2012.04.16 17:20:36 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\DAEMON Tools Pro
[2012.10.07 13:39:11 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\ESET
[2009.10.27 18:30:05 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Foxit
[2011.06.01 23:09:04 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Foxit Software
[2011.10.07 16:17:15 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\FreeFox
[2010.02.25 00:31:43 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\GARMIN
[2011.11.30 22:37:05 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\ICQ
[2012.04.15 04:26:43 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\IObit
[2011.10.01 00:30:15 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\IrfanView
[2011.10.05 14:59:34 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\jAlbum
[2011.01.16 01:46:49 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\MAGIX
[2010.09.18 10:32:08 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Mikrotik
[2010.09.10 23:29:48 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Need for Speed World
[2012.06.26 02:04:47 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\OpenCandy
[2011.12.27 15:01:07 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\OpenOffice.org
[2012.06.25 01:16:00 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Opera
[2010.03.08 19:53:13 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\PC Suite
[2010.06.10 23:58:18 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\PhotoFiltre
[2010.03.08 20:35:02 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\PLANStudio Setup
[2011.07.09 13:38:29 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Rovio
[2009.12.21 14:18:16 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Singlesnet
[2010.03.14 12:03:58 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\TeamViewer
[2009.10.27 18:01:25 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Tific
[2012.03.11 18:07:38 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\TrojanHunter
[2011.11.13 01:03:32 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\TuneUp Software
[2010.08.16 12:16:24 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Uniblue
[2012.03.20 18:06:16 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Unity
[2012.02.10 23:33:40 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\uTorrent
[2009.11.28 23:00:43 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\VitySoft
[2010.11.27 15:31:38 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Vso
[2011.03.20 23:44:35 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Win7codecs
[2011.12.17 02:31:18 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\XBMC
[2012.04.15 04:44:18 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\YoWindow
[2012.09.20 19:13:15 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Zoner

majklef · #8 Příspěvek od **majklef** » 07 říj 2012 21:01

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,032,544 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2010.01.03 15:59:57 | 000,000,918 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1285935003-2300882945-1030792899-1001Core.job
[2010.01.03 15:59:59 | 000,000,970 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1285935003-2300882945-1030792899-1001UA.job
[2011.08.13 23:39:31 | 000,000,938 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.08.13 23:39:34 | 000,000,942 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.05.02 11:03:58 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.09.07 16:28:31 | 000,000,278 | ---- | C] () -- C:\Windows\Tasks\RMSchedule.job
[2012.10.07 18:19:45 | 000,000,382 | ---- | C] () -- C:\Windows\Tasks\ReclaimerResumeInstall_Masouni.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2012.03.30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2010.04.09 09:16:33 | 001,289,096 | ---- | M] (Microsoft Corporation) MD5=5D6A83E928F22AF5AC9868B162FFAD0D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_b38009a0e0d5a32d\tcpip.sys
[2010.04.09 09:24:54 | 001,285,000 | ---- | M] (Microsoft Corporation) MD5=63170B9EE1D0EF0032F0408605671D1A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_b30e0d41c7a5fe2f\tcpip.sys
[2011.09.29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\System32\drivers\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011.06.21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 08:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011.06.21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011.06.21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.03.30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[14 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[10 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[12 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\cache\g_0000\*.tmp -> ]
[2 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2011.04.13 22:01:28 | 003,406,208 | ---- | M] () -- C:\FlashFXP4_1545_Setup.exe

< %ALLUSERSPROFILE%\Application Data\*. >
[2012.09.07 14:26:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Adobe
[2011.02.27 02:11:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Alwil Software
[2010.08.15 23:03:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Apple
[2010.08.15 23:06:27 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Apple Computer
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Application Data
[2012.04.18 21:00:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\ArcSoft
[2010.02.04 18:01:19 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\ashampoo
[2010.09.04 22:27:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\ATI
[2011.02.14 23:32:15 | 000,000,000 | -H-D | M] -- C:\ProgramData\Application Data\AVP11
[2009.11.05 20:46:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\AVS4YOU
[2011.02.06 19:09:15 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Canneverbe Limited
[2010.06.11 12:17:40 | 000,000,000 | -H-D | M] -- C:\ProgramData\Application Data\CanonBJ
[2010.12.05 15:18:59 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\CanonIJ
[2010.06.11 12:30:30 | 000,000,000 | -H-D | M] -- C:\ProgramData\Application Data\CanonIJEGV
[2010.06.11 12:29:58 | 000,000,000 | -H-D | M] -- C:\ProgramData\Application Data\CanonIJEPPEX
[2010.06.11 19:05:42 | 000,000,000 | -H-D | M] -- C:\ProgramData\Application Data\CanonIJMyPrinter
[2002.01.01 01:17:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\CanonIJPLM
[2010.06.12 23:31:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\Application Data\CanonIJScan
[2010.06.11 12:30:16 | 000,000,000 | -H-D | M] -- C:\ProgramData\Application Data\CanonIJSolutionMenu
[2012.01.08 22:58:58 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Caphyon
[2010.09.28 00:21:39 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Codemasters
[2009.12.21 00:18:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\ConeXware
[2011.05.09 23:20:59 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\CyberLink
[2012.06.26 02:14:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\DAEMON Tools Lite
[2010.09.11 00:12:57 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Data
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Desktop
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Documents
[2011.01.09 03:03:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Electronic Arts
[2012.10.07 13:33:52 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\ESET
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Favorites
[2011.04.13 22:03:15 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\FlashFXP
[2011.05.02 23:39:47 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\FreeApp
[2010.02.24 23:19:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\GARMIN
[2009.10.27 16:22:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Hewlett-Packard
[2011.12.13 22:44:17 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\hps
[2011.02.09 20:21:21 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\ICQ
[2011.07.21 21:25:47 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\InstallMate
[2012.04.16 06:45:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\IObit
[2011.01.16 01:46:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\MAGIX
[2010.04.05 14:13:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Malwarebytes
[2010.01.06 19:20:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\McAfee
[2012.08.06 11:31:46 | 000,000,000 | --SD | M] -- C:\ProgramData\Application Data\Microsoft
[2012.05.29 11:05:45 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Microsoft Help
[2012.05.13 11:04:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Mozilla
[2011.02.14 23:59:54 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Norton
[2011.02.12 21:33:40 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\NortonInstaller
[2011.11.28 11:23:19 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Real
[2009.11.30 18:40:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Simply Super Software
[2012.08.05 09:39:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Skype
[2012.01.19 01:04:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Skype Extras
[2012.04.15 04:33:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\SnapStream
[2010.04.21 19:24:38 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Spybot -

majklef · #9 Příspěvek od **majklef** » 07 říj 2012 21:09

[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Start Menu
[2010.04.05 10:54:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Sun
[2010.08.16 02:04:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Symantec
[2012.09.07 16:28:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\TEMP
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Templates
[2011.01.29 15:59:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\TmForever
[2011.12.13 22:44:21 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\tmp
[2010.09.04 22:50:16 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Trymedia
[2011.11.13 01:03:39 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\TuneUp Software
[2011.03.20 23:44:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Win7codecs
[2011.01.16 01:42:54 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Xara
[2011.11.27 23:58:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Zoner
[2011.11.13 01:00:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2009.11.21 01:47:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Adobe\ARM\Reader_10.1.1\31286\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Adobe\ARM\Reader_10.1.1\31286\ReaderUpdater.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Adobe\ARM\Reader_10.1.1\31309\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Adobe\ARM\Reader_10.1.1\31309\ReaderUpdater.exe
[2010.09.27 16:26:11 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Apple Computer\Installer Cache\Safari 5.33.18.5\SetupAdmin.exe
[2011.03.07 19:00:17 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Apple Computer\Installer Cache\Safari 5.33.19.4\SetupAdmin.exe
[2011.04.25 11:34:54 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Apple Computer\Installer Cache\Safari 5.33.21.1\SetupAdmin.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\ReaderUpdater.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\ReaderUpdater.exe
[2010.09.27 16:26:11 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.18.5\SetupAdmin.exe
[2011.03.07 19:00:17 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.19.4\SetupAdmin.exe
[2011.04.25 11:34:54 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.21.1\SetupAdmin.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\ReaderUpdater.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\ReaderUpdater.exe
[2010.09.27 16:26:11 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.18.5\SetupAdmin.exe
[2011.03.07 19:00:17 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.19.4\SetupAdmin.exe
[2011.04.25 11:34:54 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.21.1\SetupAdmin.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\ReaderUpdater.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\ReaderUpdater.exe
[2010.09.27 16:26:11 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.18.5\SetupAdmin.exe
[2011.03.07 19:00:17 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.19.4\SetupAdmin.exe
[2011.04.25 11:34:54 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.21.1\SetupAdmin.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\ReaderUpdater.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\ReaderUpdater.exe
[2010.09.27 16:26:11 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.18.5\SetupAdmin.exe
[2011.03.07 19:00:17 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.19.4\SetupAdmin.exe
[2011.04.25 11:34:54 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.21.1\SetupAdmin.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\ReaderUpdater.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\ReaderUpdater.exe
[2010.09.27 16:26:11 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.18.5\SetupAdmin.exe
[2011.03.07 19:00:17 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.19.4\SetupAdmin.exe
[2011.04.25 11:34:54 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.21.1\SetupAdmin.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\ReaderUpdater.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\ReaderUpdater.exe
[2010.09.27 16:26:11 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.18.5\SetupAdmin.exe
[2011.03.07 19:00:17 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.19.4\SetupAdmin.exe
[2011.04.25 11:34:54 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.21.1\SetupAdmin.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\ReaderUpdater.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\ReaderUpdater.exe
[2010.09.27 16:26:11 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.18.5\SetupAdmin.exe
[2011.03.07 19:00:17 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.19.4\SetupAdmin.exe
[2011.04.25 11:34:54 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.21.1\SetupAdmin.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\ReaderUpdater.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\ReaderUpdater.exe
[2010.09.27 16:26:11 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.18.5\SetupAdmin.exe
[2011.03.07 19:00:17 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.19.4\SetupAdmin.exe
[2011.04.25 11:34:54 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.21.1\SetupAdmin.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\ReaderUpdater.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\ReaderUpdater.exe
[2010.09.27 16:26:11 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.18.5\SetupAdmin.exe
[2011.03.07 19:00:17 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.19.4\SetupAdmin.exe
[2011.04.25 11:34:54 | 000,072,488 | ---- | M] (Apple Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.21.1\SetupAdmin.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\ReaderUpdater.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\ReaderUpdater.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.18.5\SetupAdmin.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.19.4\SetupAdmin.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\Safari 5.33.21.1\SetupAdmin.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AcrobatUpdater.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARM.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\AdobeARMHelper.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31286\ReaderUpdater.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AcrobatUpdater.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARM.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\AdobeARMHelper.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\31309\ReaderUpdater.exe
[2010.09.11 00:12:57 | 010,900,752 | ---- | M] (Electronic Arts) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\nfsw.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\hps\5500\setup_dm_paradies_foto_3.exe
[2010.09.11 00:12:57 | 010,900,752 | ---- | M] (Electronic Arts) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\nfsw.exe
[2011.12.13 22:45:59 | 000,000,000 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\hps\5500\setup_dm_paradies_foto_3.exe
[2010.09.11 00:12:57 | 010,900,752 | ---- | M] (Electronic Arts) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\nfsw.exe
[2011.12.13 22:45:59 | 000,000,000 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\hps\5500\setup_dm_paradies_foto_3.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\InstallMate\{1EABF42E-9F5D-45A0-A768-6F80F1DD1B62}\Setup.exe
[2010.11.17 18:06:16 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{889C6F39-241F-4119-8026-1B2F4A124839}\PostBuild.exe
[2011.05.09 23:09:59 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\PostBuild.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build02.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build07.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Caphyon\Advanced Installer\{B8918A40-FDD7-4543-885B-EEA89C2CFA69}\setup.exe
[2010.09.11 00:12:57 | 010,900,752 | ---- | M] (Electronic Arts) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\nfsw.exe
[2011.12.13 22:45:59 | 000,000,000 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\hps\5500\setup_dm_paradies_foto_3.exe
[2011.01.27 00:00:10 | 000,015,496 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\InstallMate\{1EABF42E-9F5D-45A0-A768-6F80F1DD1B62}\Setup.exe
[2010.11.17 18:06:16 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{889C6F39-241F-4119-8026-1B2F4A124839}\PostBuild.exe
[2011.05.09 23:09:59 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\PostBuild.exe
[2011.11.27 23:59:50 | 013,848,920 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build02.exe
[2012.09.20 19:15:02 | 014,197,608 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build07.exe
[2011.07.29 10:55:45 | 001,889,712 | ---- | M] (ConeXware, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Caphyon\Advanced Installer\{B8918A40-FDD7-4543-885B-EEA89C2CFA69}\setup.exe
[2010.09.11 00:12:57 | 010,900,752 | ---- | M] (Electronic Arts) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\nfsw.exe
[2011.12.13 22:45:59 | 000,000,000 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\hps\5500\setup_dm_paradies_foto_3.exe
[2011.01.27 00:00:10 | 000,015,496 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\InstallMate\{1EABF42E-9F5D-45A0-A768-6F80F1DD1B62}\Setup.exe
[2010.11.17 18:06:16 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{889C6F39-241F-4119-8026-1B2F4A124839}\PostBuild.exe
[2011.05.09 23:09:59 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\PostBuild.exe
[2011.11.27 23:59:50 | 013,848,920 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build02.exe
[2012.09.20 19:15:02 | 014,197,608 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build07.exe
[2011.07.29 10:55:45 | 001,889,712 | ---- | M] (ConeXware, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Caphyon\Advanced Installer\{B8918A40-FDD7-4543-885B-EEA89C2CFA69}\setup.exe
[2010.09.11 00:12:57 | 010,900,752 | ---- | M] (Electronic Arts) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\nfsw.exe
[2011.12.13 22:45:59 | 000,000,000 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\hps\5500\setup_dm_paradies_foto_3.exe
[2011.01.27 00:00:10 | 000,015,496 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\InstallMate\{1EABF42E-9F5D-45A0-A768-6F80F1DD1B62}\Setup.exe
[2012.01.19 01:04:08 | 002,756,480 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\goxn.exe
[2012.01.19 01:04:08 | 002,756,480 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\goxn.exe
[2010.11.17 18:06:16 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{889C6F39-241F-4119-8026-1B2F4A124839}\PostBuild.exe
[2011.05.09 23:09:59 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\PostBuild.exe

majklef · #10 Příspěvek od **majklef** » 07 říj 2012 21:12

File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build02.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build07.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Caphyon\Advanced Installer\{B8918A40-FDD7-4543-885B-EEA89C2CFA69}\setup.exe
[2010.09.11 00:12:57 | 010,900,752 | ---- | M] (Electronic Arts) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\nfsw.exe
[2011.12.13 22:45:59 | 000,000,000 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\hps\5500\setup_dm_paradies_foto_3.exe
[2011.01.27 00:00:10 | 000,015,496 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\InstallMate\{1EABF42E-9F5D-45A0-A768-6F80F1DD1B62}\Setup.exe
[2010.11.17 18:06:16 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{889C6F39-241F-4119-8026-1B2F4A124839}\PostBuild.exe
[2011.05.09 23:09:59 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\PostBuild.exe
[2011.11.27 23:59:50 | 013,848,920 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build02.exe
[2012.09.20 19:15:02 | 014,197,608 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build07.exe
[2011.07.29 10:55:45 | 001,889,712 | ---- | M] (ConeXware, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Caphyon\Advanced Installer\{B8918A40-FDD7-4543-885B-EEA89C2CFA69}\setup.exe
[2010.09.11 00:12:57 | 010,900,752 | ---- | M] (Electronic Arts) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\nfsw.exe
[2011.12.13 22:45:59 | 000,000,000 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\hps\5500\setup_dm_paradies_foto_3.exe
[2011.01.27 00:00:10 | 000,015,496 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\InstallMate\{1EABF42E-9F5D-45A0-A768-6F80F1DD1B62}\Setup.exe
[2010.11.17 18:06:16 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{889C6F39-241F-4119-8026-1B2F4A124839}\PostBuild.exe
[2011.05.09 23:09:59 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\PostBuild.exe
[2011.11.27 23:59:50 | 013,848,920 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build02.exe
[2012.09.20 19:15:02 | 014,197,608 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build07.exe
[2011.07.29 10:55:45 | 001,889,712 | ---- | M] (ConeXware, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Caphyon\Advanced Installer\{B8918A40-FDD7-4543-885B-EEA89C2CFA69}\setup.exe
[2010.09.11 00:12:57 | 010,900,752 | ---- | M] (Electronic Arts) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\nfsw.exe
[2011.12.13 22:45:59 | 000,000,000 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\hps\5500\setup_dm_paradies_foto_3.exe
[2011.01.27 00:00:10 | 000,015,496 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\InstallMate\{1EABF42E-9F5D-45A0-A768-6F80F1DD1B62}\Setup.exe
[2012.01.19 01:04:08 | 002,756,480 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\goxn.exe
[2012.01.19 01:04:08 | 002,756,480 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\goxn.exe
[2010.11.17 18:06:16 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{889C6F39-241F-4119-8026-1B2F4A124839}\PostBuild.exe
[2011.05.09 23:09:59 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\PostBuild.exe
[2011.11.27 23:59:50 | 013,848,920 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build02.exe
[2012.09.20 19:15:02 | 014,197,608 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build07.exe
[2011.07.29 10:55:45 | 001,889,712 | ---- | M] (ConeXware, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Caphyon\Advanced Installer\{B8918A40-FDD7-4543-885B-EEA89C2CFA69}\setup.exe
[2010.09.11 00:12:57 | 010,900,752 | ---- | M] (Electronic Arts) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\nfsw.exe
[2011.12.13 22:45:59 | 000,000,000 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\hps\5500\setup_dm_paradies_foto_3.exe
[2011.01.27 00:00:10 | 000,015,496 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\InstallMate\{1EABF42E-9F5D-45A0-A768-6F80F1DD1B62}\Setup.exe
[2012.01.19 01:04:08 | 002,756,480 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\goxn.exe
[2012.01.19 01:04:08 | 002,756,480 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\goxn.exe
[2010.11.17 18:06:16 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{889C6F39-241F-4119-8026-1B2F4A124839}\PostBuild.exe
[2011.05.09 23:09:59 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\PostBuild.exe
[2011.11.27 23:59:50 | 013,848,920 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build02.exe
[2012.09.20 19:15:02 | 014,197,608 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build07.exe
[2011.07.29 10:55:45 | 001,889,712 | ---- | M] (ConeXware, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Caphyon\Advanced Installer\{B8918A40-FDD7-4543-885B-EEA89C2CFA69}\setup.exe
[2010.09.11 00:12:57 | 010,900,752 | ---- | M] (Electronic Arts) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\nfsw.exe
[2011.12.13 22:45:59 | 000,000,000 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\hps\5500\setup_dm_paradies_foto_3.exe
[2011.01.27 00:00:10 | 000,015,496 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\InstallMate\{1EABF42E-9F5D-45A0-A768-6F80F1DD1B62}\Setup.exe
[2012.01.19 01:04:08 | 002,756,480 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\goxn.exe
[2012.01.19 01:04:08 | 002,756,480 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\goxn.exe
[2010.11.17 18:06:16 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{889C6F39-241F-4119-8026-1B2F4A124839}\PostBuild.exe
[2011.05.09 23:09:59 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\PostBuild.exe
[2011.11.27 23:59:50 | 013,848,920 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build02.exe
[2012.09.20 19:15:02 | 014,197,608 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build07.exe
[2011.07.29 10:55:45 | 001,889,712 | ---- | M] (ConeXware, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Caphyon\Advanced Installer\{B8918A40-FDD7-4543-885B-EEA89C2CFA69}\setup.exe
[2010.09.11 00:12:57 | 010,900,752 | ---- | M] (Electronic Arts) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Data\nfsw.exe
[2011.12.13 22:45:59 | 000,000,000 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\hps\5500\setup_dm_paradies_foto_3.exe
[2011.01.27 00:00:10 | 000,015,496 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\InstallMate\{1EABF42E-9F5D-45A0-A768-6F80F1DD1B62}\Setup.exe
[2012.01.19 01:04:08 | 002,756,480 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\goxn.exe
[2012.01.19 01:04:08 | 002,756,480 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\goxn.exe
[2010.11.17 18:06:16 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{889C6F39-241F-4119-8026-1B2F4A124839}\PostBuild.exe
[2011.05.09 23:09:59 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\TEMP\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\PostBuild.exe
[2011.11.27 23:59:50 | 013,848,920 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build02.exe
[2012.09.20 19:15:02 | 014,197,608 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build07.exe
[2011.07.29 10:55:45 | 001,889,712 | ---- | M] (ConeXware, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Caphyon\Advanced Installer\{B8918A40-FDD7-4543-885B-EEA89C2CFA69}\setup.exe
[2010.09.11 00:12:57 | 010,900,752 | ---- | M] (Electronic Arts) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Data\nfsw.exe
[2011.12.13 22:45:59 | 000,000,000 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\hps\5500\setup_dm_paradies_foto_3.exe
[2011.01.27 00:00:10 | 000,015,496 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\InstallMate\{1EABF42E-9F5D-45A0-A768-6F80F1DD1B62}\Setup.exe
[2012.01.19 01:04:08 | 002,756,480 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\goxn.exe
[2012.01.19 01:04:08 | 002,756,480 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\goxn.exe
[2010.11.17 18:06:16 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\TEMP\{889C6F39-241F-4119-8026-1B2F4A124839}\PostBuild.exe
[2011.05.09 23:09:59 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\TEMP\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\PostBuild.exe
[2011.11.27 23:59:50 | 013,848,920 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build02.exe
[2012.09.20 19:15:02 | 014,197,608 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build07.exe
[2011.07.29 10:55:45 | 001,889,712 | ---- | M] (ConeXware, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Caphyon\Advanced Installer\{B8918A40-FDD7-4543-885B-EEA89C2CFA69}\setup.exe
[2010.09.11 00:12:57 | 010,900,752 | ---- | M] (Electronic Arts) -- C:\ProgramData\Application Data\Application Data\Application Data\Data\nfsw.exe
[2011.12.13 22:45:59 | 000,000,000 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\hps\5500\setup_dm_paradies_foto_3.exe
[2011.01.27 00:00:10 | 000,015,496 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\ProgramData\Application Data\Application Data\Application Data\InstallMate\{1EABF42E-9F5D-45A0-A768-6F80F1DD1B62}\Setup.exe
[2012.01.19 01:04:08 | 002,756,480 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\goxn.exe
[2012.01.19 01:04:08 | 002,756,480 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\goxn.exe
[2010.11.17 18:06:16 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\TEMP\{889C6F39-241F-4119-8026-1B2F4A124839}\PostBuild.exe
[2011.05.09 23:09:59 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\Application Data\TEMP\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\PostBuild.exe
[2011.11.27 23:59:50 | 013,848,920 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build02.exe
[2012.09.20 19:15:02 | 014,197,608 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build07.exe
[2011.07.29 10:55:45 | 001,889,712 | ---- | M] (ConeXware, Inc.) -- C:\ProgramData\Application Data\Application Data\Caphyon\Advanced Installer\{B8918A40-FDD7-4543-885B-EEA89C2CFA69}\setup.exe
[2010.09.11 00:12:57 | 010,900,752 | ---- | M] (Electronic Arts) -- C:\ProgramData\Application Data\Application Data\Data\nfsw.exe
[2011.12.13 22:45:59 | 000,000,000 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\hps\5500\setup_dm_paradies_foto_3.exe
[2011.01.27 00:00:10 | 000,015,496 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\ProgramData\Application Data\Application Data\InstallMate\{1EABF42E-9F5D-45A0-A768-6F80F1DD1B62}\Setup.exe
[2012.01.19 01:04:08 | 002,756,480 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\goxn.exe
[2012.01.19 01:04:08 | 002,756,480 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\goxn.exe
[2010.11.17 18:06:16 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\TEMP\{889C6F39-241F-4119-8026-1B2F4A124839}\PostBuild.exe
[2011.05.09 23:09:59 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\Application Data\TEMP\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\PostBuild.exe
[2011.11.27 23:59:50 | 013,848,920 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build02.exe
[2012.09.20 19:15:02 | 014,197,608 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build07.exe
[2011.07.29 10:55:45 | 001,889,712 | ---- | M] (ConeXware, Inc.) -- C:\ProgramData\Application Data\Caphyon\Advanced Installer\{B8918A40-FDD7-4543-885B-EEA89C2CFA69}\setup.exe
[2010.09.11 00:12:57 | 010,900,752 | ---- | M] (Electronic Arts) -- C:\ProgramData\Application Data\Data\nfsw.exe
[2011.12.13 22:45:59 | 000,000,000 | ---- | M] () -- C:\ProgramData\Application Data\hps\5500\setup_dm_paradies_foto_3.exe
[2011.01.27 00:00:10 | 000,015,496 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\ProgramData\Application Data\InstallMate\{1EABF42E-9F5D-45A0-A768-6F80F1DD1B62}\Setup.exe
[2012.01.19 01:04:08 | 002,756,480 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\goxn.exe
[2012.01.19 01:04:08 | 002,756,480 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\goxn.exe
[2010.11.17 18:06:16 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\TEMP\{889C6F39-241F-4119-8026-1B2F4A124839}\PostBuild.exe
[2011.05.09 23:09:59 | 000,036,864 | ---- | M] ( ) -- C:\ProgramData\Application Data\TEMP\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\PostBuild.exe
[2011.11.27 23:59:50 | 013,848,920 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build02.exe
[2012.09.20 19:15:02 | 014,197,608 | ---- | M] (ZONER software ) -- C:\ProgramData\Application Data\Zoner\NLMDB\product.0036\autoupdate.cz\ZPS14_Update_Build07.exe

< %APPDATA%\*. >
[2011.12.27 15:13:11 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\602XML
[2011.10.05 16:44:03 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Adobe
[2010.02.17 14:51:02 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Allstar
[2011.05.28 20:31:14 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Apple Computer
[2012.04.17 20:56:55 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\ArcSoft
[2010.02.04 18:01:30 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Ashampoo
[2010.09.04 22:27:06 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\ATI
[2009.11.05 20:47:05 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\AVS4YOU
[2012.07.26 18:59:39 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Broad Intelligence
[2011.07.24 04:13:36 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\BSplayer
[2011.06.04 18:50:45 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\BSplayer Pro
[2011.02.06 19:09:14 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Canneverbe Limited
[2010.06.12 23:31:48 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Canon
[2010.02.01 23:12:09 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Cashfiesta
[2011.10.05 16:58:04 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.09.25 17:53:31 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\ct24crawl
[2012.09.05 16:21:58 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\DAEMON Tools Lite
[2012.04.16 17:20:36 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\DAEMON Tools Pro
[2012.10.07 13:39:11 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\ESET
[2009.10.27 18:30:05 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Foxit
[2011.06.01 23:09:04 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Foxit Software
[2011.10.07 16:17:15 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\FreeFox
[2010.02.25 00:31:43 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\GARMIN
[2009.11.03 21:06:51 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Google
[2010.07.15 15:45:49 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Hamachi
[2011.11.30 22:37:05 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\ICQ
[2009.10.27 16:31:22 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Identities
[2009.12.29 15:54:07 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\InstallShield
[2012.04.15 04:26:43 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\IObit
[2011.10.01 00:30:15 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\IrfanView
[2011.10.05 14:59:34 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\jAlbum
[2009.10.27 17:27:14 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Macromedia
[2011.01.16 01:46:49 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\MAGIX
[2010.04.05 14:13:44 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Malwarebytes
[2009.07.14 09:48:45 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Media Center Programs
[2012.07.28 22:13:32 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Media Player Classic
[2012.09.25 22:05:56 | 000,000,000 | --SD | M] -- C:\Users\Masouni\AppData\Roaming\Microsoft
[2010.09.18 10:32:08 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Mikrotik
[2010.08.09 19:48:06 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Mozilla
[2010.09.10 23:29:48 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Need for Speed World
[2012.06.26 02:04:47 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\OpenCandy
[2011.12.27 15:01:07 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\OpenOffice.org
[2012.06.25 01:16:00 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Opera
[2010.03.08 19:53:13 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\PC Suite
[2010.06.10 23:58:18 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\PhotoFiltre
[2010.03.08 20:35:02 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\PLANStudio Setup
[2011.12.07 23:25:36 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Real
[2011.12.27 19:45:05 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\RealNetworks
[2011.07.09 13:38:29 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Rovio
[2009.12.21 14:18:16 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Singlesnet
[2012.10.07 20:40:21 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Skype
[2011.05.28 16:02:02 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\skypePM
[2010.10.28 20:48:35 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Sun
[2010.03.14 12:03:58 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\TeamViewer
[2009.10.27 18:01:25 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Tific
[2012.03.11 18:07:38 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\TrojanHunter
[2011.11.13 01:03:32 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\TuneUp Software
[2010.08.16 12:16:24 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Uniblue
[2012.03.20 18:06:16 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Unity
[2012.02.10 23:33:40 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\uTorrent
[2009.11.28 23:00:43 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\VitySoft
[2012.09.09 22:31:04 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\vlc
[2010.11.27 15:31:38 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Vso
[2011.03.20 23:44:35 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Win7codecs
[2009.10.27 17:36:00 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\WinRAR
[2011.12.17 02:31:18 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\XBMC
[2012.04.15 04:44:18 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\YoWindow
[2012.09.20 19:13:15 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2012.10.07 10:49:18 | 000,000,369 | ---- | M] () -- C:\Users\Masouni\AppData\Roaming\EED5.exe
[2010.11.27 15:31:16 | 000,081,920 | ---- | M] () -- C:\Users\Masouni\AppData\Roaming\ezpinst.exe
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Masouni\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Masouni\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Masouni\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Users\Masouni\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Masouni\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Masouni\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Masouni\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Masouni\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2011.03.20 23:45:53 | 000,009,216 | R--- | M] () -- C:\Users\Masouni\AppData\Roaming\Microsoft\Installer\{7426428E-71D4-452C-BA13-B14E5EB52859}\Icon7426428E16.exe
[2010.04.03 01:07:57 | 000,408,522 | R--- | M] () -- C:\Users\Masouni\AppData\Roaming\Microsoft\Installer\{8BD4B030-E30C-474E-A3B5-D4555A46CEFC}\_18be6784.exe
[2010.04.03 01:07:57 | 000,408,522 | R--- | M] () -- C:\Users\Masouni\AppData\Roaming\Microsoft\Installer\{8BD4B030-E30C-474E-A3B5-D4555A46CEFC}\_294823.exe
[2010.04.03 01:07:57 | 000,408,522 | R--- | M] () -- C:\Users\Masouni\AppData\Roaming\Microsoft\Installer\{8BD4B030-E30C-474E-A3B5-D4555A46CEFC}\_4ae13d6c.exe
[2011.03.20 23:25:46 | 000,010,134 | R--- | M] () -- C:\Users\Masouni\AppData\Roaming\Microsoft\Installer\{9DBCF44B-77AC-81D8-0F8E-1E60D6330AC2}\ARPPRODUCTICON.exe
[2012.02.06 20:18:56 | 002,081,208 | ---- | M] (Speedchecker Limited ) -- C:\Users\Masouni\AppData\Roaming\OpenCandy\C559A47B8AFF4957BF249675DBF15FB1\pcspeedup_oc.exe
[2012.02.06 20:18:56 | 002,081,208 | ---- | M] (Speedchecker Limited ) -- C:\Users\Masouni\AppData\Roaming\OpenCandy\CE2A70FD0E7F4BEA801F887A5634007F\pcspeedup_oc.exe
[2012.10.07 18:19:33 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Masouni\AppData\Roaming\Real\Update\temp\~Upg0\rnupgagent.exe
[2012.10.07 18:19:33 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Masouni\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[10 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2012.09.12 08:35:22 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.10.07 17:39:03 | 000,000,938 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.10.07 01:40:02 | 000,000,942 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.01.30 18:01:11 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1285935003-2300882945-1030792899-1001Core.job
[2012.01.30 23:32:00 | 000,000,970 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1285935003-2300882945-1030792899-1001UA.job
[2012.10.07 18:19:47 | 000,000,382 | ---- | M] () -- C:\Windows\Tasks\ReclaimerResumeInstall_Masouni.job
[2012.09.11 19:00:00 | 000,000,278 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[10 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >
[2012.10.07 17:10:41 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbamswissarmy.sys

< %systemroot%\system32\*.* /3 >
[2012.10.07 17:37:22 | 000,017,168 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.07 17:37:23 | 000,017,168 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.07 16:14:41 | 000,122,932 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.10.07 16:14:41 | 000,107,060 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.10.07 16:14:41 | 000,634,356 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.10.07 16:14:41 | 000,618,740 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.10.07 16:14:41 | 001,478,586 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[10 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

majklef · #11 Příspěvek od **majklef** » 07 říj 2012 21:16

[10 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2011.04.13 22:01:28 | 003,406,208 | ---- | M] () -- C:\FlashFXP4_1545_Setup.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ct24crawl" = C:\Program Files\CT24\ct24crawl.exe -- [2010.08.09 23:47:50 | 000,929,280 | ---- | M] ()
"Seznam Postak" = "C:\Program Files\Seznam.cz\bin\postak.exe" -s -- [2012.01.10 16:16:10 | 000,491,040 | ---- | M] ()
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2012.07.13 13:33:24 | 017,418,928 | R--- | M] (Skype Technologies S.A.)
"BySoft FreeRAM" = C:\Program Files\BySoft FreeRAM\FreeRAM.exe -- [2007.09.28 14:32:40 | 000,318,976 | ---- | M] (BySoft)
"Wqiciy" = C:\Users\Masouni\AppData\Roaming\Wqiciy.exe

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.09.14 09:22:51 | 000,917,984 | ---- | M] (Mozilla Corporation) MD5=9C376F42BDE37F18D0A39AF7415D9BE6 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.04.08 16:55:38 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012.09.02 09:29:50 | 000,874,896 | ---- | M] (Opera Software) MD5=E9B8F06429A1727D9FD9D4CE023EDCEB -- C:\Program Files\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.10.07 19:46:14 | 000,000,512 | ---- | M] () MD5=70622F86FBF4AC6BFF23D9E44E480687 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2003.04.03 04:46:56 | 000,007,689 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\MSTS OLOMOUC\Train simulator\ROUTES\OLOMOUC2\ENVFILES\TEXTURES\Acrackedice.ace
[2003.04.03 04:46:56 | 000,007,689 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\OLOMOUC2\ENVFILES\TEXTURES\Acrackedice.ace
[2003.04.03 04:46:56 | 000,007,689 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\Train simulator\ROUTES\OLOMOUC2\ENVFILES\TEXTURES\Acrackedice.ace
[2001.07.23 16:29:22 | 000,006,043 | ---- | M] () -- \Program Files\Xara\Xara Menu Maker 1.0\WSTemplates\Backgrounds\Exotic\Cracket.jpg
[2002.05.21 10:54:30 | 000,006,043 | ---- | M] () -- \Program Files\Xara\Xara Webstyle 3.0\WSTemplates\Backgrounds\Exotic\Cracket.jpg
[2002.05.21 10:54:30 | 000,014,320 | ---- | M] () -- \Program Files\Xara\Xara Webstyle 3.0\WSTemplates\Backgrounds\Exotic\Cracket.wix
[2002.05.21 11:32:04 | 000,001,631 | ---- | M] () -- \Program Files\Xara\Xara Webstyle 3.0\WSTemplates\Backgrounds\Exotic\cracket.xws
[2012.09.03 11:24:21 | 000,000,094 | ---- | M] () -- \Users\Masouni\AppData\Local\Opera\Opera\icons\cracks.ph.idx
[2012.09.03 11:24:21 | 000,000,357 | ---- | M] () -- \Users\Masouni\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fcracks.ph%2Ffavicon.png
[2012.06.26 02:01:35 | 000,000,808 | ---- | M] () -- \Users\Masouni\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.requestcracks.com%2Ffavicon.png
[2012.06.26 02:01:35 | 000,000,079 | ---- | M] () -- \Users\Masouni\AppData\Local\Opera\Opera\icons\www.requestcracks.com.idx
[2011.05.11 23:12:02 | 000,000,799 | ---- | M] () -- \Users\Masouni\AppData\Roaming\FreeFox\TVImages\crackle.jpg
[2011.05.11 23:12:02 | 000,000,879 | ---- | M] () -- \Users\Masouni\AppData\Roaming\FreeFox\TVImages\crackle_tv.jpg

< *keygen* /s >

< *loader* /s >
[2009.04.02 22:23:53 | 000,013,833 | ---- | M] () -- \Program Files\City Interactive\MOTORM4X Offroad Extreme\media\texts\texts_loader.xml
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.12.14 11:54:22 | 000,166,400 | ---- | M] () -- \Program Files\dm\dm paradies foto 3\CWImageLoader0.dll
[2011.07.24 18:37:28 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.07.24 18:37:31 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.07.24 18:37:26 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.07.24 18:38:22 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.07.24 18:38:25 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011.07.24 18:38:25 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.12.20 18:45:14 | 001,015,128 | ---- | M] () -- \Program Files\IObit\Smart Defrag 2\Freeware\SD_FreeSoftwareDownloader.exe
[2011.04.17 17:02:19 | 000,000,105 | ---- | M] () -- \Program Files\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2008.12.06 18:13:52 | 000,001,070 | ---- | M] () -- \Program Files\MediaCoder\extensions\_include\loader.html
[2001.05.08 03:43:30 | 000,010,617 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\USA2\Shapes\US2Loader.s
[2001.05.08 03:43:30 | 000,001,286 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\USA2\Shapes\US2Loader.sd
[2001.05.08 03:43:32 | 000,016,734 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\USA2\Shapes\US2Loader1.s
[2001.05.08 03:45:08 | 000,175,082 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\USA2\Textures\US2Loader.ace
[2001.05.08 03:45:08 | 000,175,082 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\USA2\Textures\US2Loader1.ace
[2001.05.08 03:46:12 | 000,175,082 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\USA2\Textures\Snow\US2Loader.ace
[2009.05.31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2010.09.30 11:48:24 | 000,056,496 | ---- | M] () -- \Program Files\OLYMPUS\ib\Koan\pyloader.dll
[2011.03.11 16:18:12 | 000,032,563 | ---- | M] () -- \Program Files\OLYMPUS\ib\subsys\DataCenter\ImageLoader.kc
[2010.09.30 11:48:48 | 000,008,880 | ---- | M] () -- \Program Files\OLYMPUS\ib\subsys\HTMLView\pycom\win32\_win32sysloader.pyd
[2010.06.07 22:11:08 | 000,006,262 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2011.12.27 14:57:15 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2010.06.07 22:19:10 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2011.12.27 14:59:02 | 000,029,184 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.06.09 17:21:40 | 000,003,874 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2009.09.25 15:00:00 | 000,001,849 | ---- | M] () -- \Program Files\TuneUp Utilities 2012\data\Integrator\images\panel6\loader.gif
[2009.06.02 02:16:58 | 000,114,688 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2011.03.09 02:20:08 | 000,004,782 | ---- | M] () -- \Program Files\XBMC\addons\webinterface.default\images\ajax-loader.gif
[2012.07.10 10:33:04 | 000,430,080 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Facebook\ZPSPluginLoader.exe
[2012.06.05 13:35:30 | 000,442,368 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 15:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Flickr\ZPSPluginLoader.exe
[2011.03.08 18:09:04 | 000,194,048 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPluginLoader.exe
[2012.07.13 12:59:04 | 000,102,824 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program32\8bfLoader.exe
[2012.07.13 12:59:16 | 000,016,808 | ---- | M] () -- \Program Files\Zoner\Photo Studio 14\Program32\WICLoader.exe
File not found -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
File not found -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
File not found -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.01.19 01:04:38 | 000,009,828 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.01.19 01:04:37 | 000,009,828 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.01.19 01:04:38 | 000,009,828 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.01.19 01:04:37 | 000,009,828 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.01.19 01:04:38 | 000,009,828 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.01.19 01:04:37 | 000,009,828 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.01.19 01:04:38 | 000,009,828 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.01.19 01:04:37 | 000,009,828 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.01.19 01:04:38 | 000,009,828 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.01.19 01:04:37 | 000,009,828 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.01.19 01:04:38 | 000,009,828 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.01.19 01:04:37 | 000,009,828 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \ProgramData\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \ProgramData\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \ProgramData\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.01.19 01:04:38 | 000,009,828 | ---- | M] () -- \ProgramData\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.01.19 01:04:37 | 000,009,828 | ---- | M] () -- \ProgramData\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \ProgramData\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \ProgramData\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \ProgramData\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.01.19 01:04:38 | 000,009,828 | ---- | M] () -- \ProgramData\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Skype\Apps\login\images\loader.png
[2012.01.19 01:04:37 | 000,009,828 | ---- | M] () -- \ProgramData\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \ProgramData\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.01.19 01:04:38 | 000,009,828 | ---- | M] () -- \ProgramData\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.01.19 01:04:37 | 000,009,828 | ---- | M] () -- \ProgramData\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
File not found -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
File not found -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
File not found -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
File not found -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.01.19 01:04:38 | 000,009,828 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.01.19 01:04:37 | 000,009,828 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.01.19 01:04:38 | 000,009,828 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.01.19 01:04:37 | 000,009,828 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.01.19 01:04:38 | 000,009,828 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.01.19 01:04:37 | 000,009,828 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.01.19 01:04:38 | 000,009,828 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.01.19 01:04:37 | 000,009,828 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.01.19 01:04:38 | 000,009,828 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.01.19 01:04:37 | 000,009,828 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.01.19 01:04:38 | 000,009,828 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.01.19 01:04:37 | 000,009,828 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \Users\All Users\Application Data\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \Users\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \Users\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.01.19 01:04:38 | 000,009,828 | ---- | M] () -- \Users\All Users\Application Data\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Skype\Apps\login\images\loader.png
[2012.01.19 01:04:37 | 000,009,828 | ---- | M] () -- \Users\All Users\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2010.09.11 00:05:28 | 000,004,100 | ---- | M] () -- \Users\All Users\Data\GFX\_RadialFlareLoader_Double.gfx
[2011.12.07 23:24:31 | 000,007,715 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.12.07 23:24:31 | 000,000,319 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.01.19 01:04:38 | 000,009,828 | ---- | M] () -- \Users\All Users\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.01.19 01:04:37 | 000,009,828 | ---- | M] () -- \Users\All Users\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Games\8009C35017684284B0BE39D6E4E53955\Loader_50.gif
[2011.11.22 14:36:49 | 000,016,212 | ---- | M] () -- \Users\Masouni\AppData\Local\SRDownloader.err
[2012.03.07 02:47:22 | 000,001,352 | ---- | M] () -- \Users\Masouni\AppData\Local\SRDownloader.nast
[2011.10.04 12:33:23 | 000,002,608 | ---- | M] () -- \Users\Masouni\AppData\Local\Google Translator\images\ajax-loader.gif
[2011.04.22 20:47:35 | 000,000,723 | ---- | M] () -- \Users\Masouni\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_14697\CRX_INSTALL\img\ajax-loader.gif
[2011.04.22 20:47:35 | 000,000,979 | ---- | M] () -- \Users\Masouni\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_14697\CRX_INSTALL\js\FMLoader_Obfs.js
[2012.06.26 02:06:43 | 000,057,728 | ---- | M] () -- \Users\Masouni\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2012.06.26 02:06:45 | 000,057,728 | ---- | M] () -- \Users\Masouni\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2012.06.26 02:06:47 | 000,057,728 | ---- | M] () -- \Users\Masouni\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2012.06.26 02:06:50 | 000,057,728 | ---- | M] () -- \Users\Masouni\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2012.06.26 02:06:52 | 000,057,728 | ---- | M] () -- \Users\Masouni\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2012.06.26 02:06:54 | 000,061,770 | ---- | M] () -- \Users\Masouni\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2012.06.26 02:06:56 | 000,061,770 | ---- | M] () -- \Users\Masouni\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2012.07.21 22:21:15 | 000,000,149 | ---- | M] () -- \Users\Masouni\AppData\Local\Opera\Opera\icons\abc.yourfiledownloader.com.idx
[2012.07.21 22:21:15 | 000,000,214 | ---- | M] () -- \Users\Masouni\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fabc.yourfiledownloader.com%2Fstatic%2Fa%2Fimages%2Ffavicon.png
[2012.07.17 14:18:16 | 000,009,051 | ---- | M] () -- \Users\Masouni\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.07.17 14:18:16 | 000,016,119 | ---- | M] () -- \Users\Masouni\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.07.17 14:18:16 | 000,018,434 | ---- | M] () -- \Users\Masouni\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.07.17 14:18:16 | 000,009,283 | ---- | M] () -- \Users\Masouni\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.07.17 14:18:16 | 000,001,898 | ---- | M] () -- \Users\Masouni\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2012.07.16 00:19:47 | 000,000,121 | ---- | M] () -- \Users\Masouni\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\EMLGVFCF\fr-advideum.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2012.06.15 16:51:58 | 000,000,060 | ---- | M] () -- \Users\Masouni\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\EMLGVFCF\localhost\flash hry\hostile-skies-game\Hostile Skies game\data\hostile-skies_sh.swf\MiniclipLoaderAd.sol
[2012.06.06 13:47:11 | 000,000,060 | ---- | M] () -- \Users\Masouni\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\EMLGVFCF\swf.nethry.cz\hostile-skies_sh.swf\MiniclipLoaderAd.sol
[2011.08.29 17:48:18 | 000,010,145 | ---- | M] () -- \Users\Masouni\AppData\Roaming\Mozilla\Firefox\Profiles\a7thh2ja.default\conduitCommon\modules\3.6.0.10\ExternalLibraryLoader.jsm
[2009.10.27 17:46:34 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[10 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2012.08.08 17:32:40 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2010.01.12 09:17:48 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2010.01.09 00:26:33 | 000,003,530 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.10.27 16:42:14 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.10.27 16:42:14 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.10.27 16:42:14 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009.07.14 06:56:40 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.14 06:56:40 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009.07.14 06:56:40 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2011.04.22 00:06:29 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011.04.22 00:06:30 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011.04.22 00:06:30 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.13 19:54:50 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 04:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 98 bytes -> C:\ProgramData\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:DBC416F8
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Application Data\TEMP:DBC416F8
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:08948D52
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Application Data\TEMP:08948D52
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Application Data\TEMP:5C321E34
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Application Data\TEMP:A8ADE5D8

< End of report >

majklef · #12 Příspěvek od **majklef** » 07 říj 2012 21:18

A ještě OTL EXTRAS

OTL Extras logfile created on: 7.10.2012 19:40:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Masouni\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,24 Mb Total Physical Memory | 348,15 Mb Available Physical Memory | 34,02% Memory free
2,00 Gb Paging File | 0,77 Gb Available in Paging File | 38,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 15,72 Gb Free Space | 21,10% Space Free | Partition Type: NTFS
Drive D: | 149,04 Gb Total Space | 7,74 Gb Free Space | 5,19% Space Free | Partition Type: NTFS

Computer Name: MASOUNI | User Name: Masouni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.js [@ = JSFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [CEWE prezentace fotografií] -- "C:\Program Files\dm\dm paradies foto 3\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [dm paradies foto 3] -- "C:\Program Files\dm\dm paradies foto 3\dm paradies foto 3.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0
"UacDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"FirstRunDisabled" = 0
"UacDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D4DF0E5-B1DA-4B2A-A24C-6E6BB54144A6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{10D4022A-D6CB-428A-B42A-A2354F529DE9}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{1B583E11-A25F-4401-88C3-87A48E4353FD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1F675C8C-E7F3-47C3-AA5C-DA01EAB40FBD}" = lport=443 | protocol=6 | dir=in | app=system |
"{22ABB3B4-97D8-457E-86D5-F25F55DEF152}" = lport=139 | protocol=6 | dir=in | app=system |
"{257A3FAB-E425-42DB-8D6D-2FC84EC724B5}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{34A8A48E-2092-4B7F-BECE-0F12BFECE685}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{36346A6D-2766-452E-B1C6-192D151A531C}" = lport=445 | protocol=6 | dir=in | app=system |
"{42588BB4-F3D4-432D-A074-034A15993F6C}" = lport=1701 | protocol=17 | dir=in | app=system |
"{464DA8B4-CDC5-477A-845F-561D2E139768}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{49D0684A-7758-4E6D-B24A-5A1CE36F70D7}" = rport=1723 | protocol=6 | dir=out | app=system |
"{6A08DB2B-1F3E-48C7-8995-C620AD8A2F9B}" = rport=445 | protocol=6 | dir=out | app=system |
"{73094C9D-121F-48C2-8803-69C290CDDD23}" = lport=2869 | protocol=6 | dir=in | app=system |
"{791968BD-CD45-4F5B-9440-CCEB561CD692}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{80C309F6-7CB5-4177-B742-63A6ACFCCEF1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{81160E7F-0DF7-44BC-9319-202EBB97D0C4}" = lport=10243 | protocol=6 | dir=in | app=system |
"{89A6C203-F9A6-4137-8053-19AFF0E2A241}" = rport=1701 | protocol=17 | dir=out | app=system |
"{8C76AB93-60FD-4B53-94CA-559539090E33}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{8DD3561D-4F12-4822-94D2-BD150CBDF26B}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{91B17B1B-95BF-4501-B46A-7B0AC3629F15}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9870E304-7B58-4749-BBF1-8A09AE44DE06}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9A731F60-586B-4A75-A8DB-C42477247EFB}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9BA58317-E6F2-44D1-ABE4-30C50C28DDC6}" = rport=139 | protocol=6 | dir=out | app=system |
"{9CC0070A-F872-40E0-AA47-2F97E53417D4}" = rport=137 | protocol=17 | dir=out | app=system |
"{9FFE98B3-5EC9-49F6-8135-CE3B9EEA5A2A}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A2F26B88-482A-463B-9E23-760C8ED33F94}" = rport=138 | protocol=17 | dir=out | app=system |
"{A4108A08-7AEE-46AB-A242-3A5C42634183}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A815F0C1-9F39-431C-98E8-202D7D485D4E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BCA0CD3A-ECB6-43F5-B391-E6D8F43272D3}" = lport=137 | protocol=17 | dir=in | app=system |
"{BD31CEE2-1FDD-4510-BD05-29DB87FEF783}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C12E48A9-7F6E-4F63-AA47-AEC94E813C7C}" = lport=10245 | protocol=6 | dir=in | app=system |
"{C6906850-6413-4CBF-805F-73E16CBE049A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D20C8628-CB39-4031-88F0-0D3375E746F7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DAC0C658-176E-4B83-B513-2D0CBF1764E1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{DF30C666-5032-488D-AC8A-29FCD260743C}" = lport=1723 | protocol=6 | dir=in | app=system |
"{E7DEEBF3-E7D4-405C-AE8A-602EA2C1EF0E}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F62BD924-5ED2-4B9F-9F04-201039C6D542}" = lport=138 | protocol=17 | dir=in | app=system |
"{F7278FFF-0639-4384-9134-33A3C45E9275}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{031DAF5A-CC26-4E9F-8BF4-E9AAEBDC3C01}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{03B82695-DC70-4AB6-89E5-68D92AA26D8F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0476B58C-005F-457D-921D-9F9254F0AB88}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{04FF30B7-BA56-48FE-8C18-E3444F007E60}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{088C8295-7830-45CE-B750-5CE5E7E80B4F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0A5246D6-BE88-4DB2-B16D-FF691E728554}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0A80FECC-1F15-4C8B-847F-4B78A6616506}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0B3189A2-D83E-43FC-BA4A-C7136DD41E4E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0C55F09B-3F49-4B3E-96D2-C56EE1B960F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0C8204F5-9E91-4965-9EB1-6BD7CD3027F1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0C887CF7-0CBB-4F46-A807-7E37E2E20344}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0CED907D-6078-4C0A-B044-9364E20FC0B7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0D0C6A65-5B4A-47C9-9E21-F52B50CE00F8}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{0DB36E12-B728-411A-9B59-EBC1E0CFFCDC}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{0DC5461A-1783-4485-90E7-F8FCC505A901}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{0F58EE7B-5E30-48AD-98A0-751DA951D4D5}" = protocol=17 | dir=in | app=c:\program files\opera 11.00 alpha\opera.exe |
"{0FA867B5-D18C-4A7A-8C20-C5B845667F72}" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"{0FC59A45-364B-4AC8-82A7-C360216EFDF3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{116A0E90-1F05-4555-BF98-8E28333EBD93}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{12E3FF77-0E9B-4FA5-B0BE-BAC87D4FA131}" = protocol=17 | dir=in | app=c:\users\masouni\downloads\miranda\miranda32.exe |
"{1653390E-9429-4C58-BC64-83A51E608CA0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{16AD63EB-7AE0-4278-9271-36AA00A96122}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{1B6CFA21-D719-45A8-9471-2F06AFB85C62}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1BC3F331-B27B-46CE-9799-C0621A6CEFE8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1F396E4F-D50E-42E4-AB51-07534DAE4EB6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1FA78B92-1B55-4A1A-92AC-6E359FE750ED}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"{1FC5AA51-8F87-4221-B9B9-4397966C71D8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{23899E2A-A67A-4C2D-854A-6FA09E97997C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{23BD6E45-EEFF-41B6-8D22-827F268C5189}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2C603574-A1A8-411F-9749-2475B2715A17}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2C82B8AD-B2F9-45E9-8CB9-C4B40F85847C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2DA25EEE-7458-41E4-8B04-8C93A7A36A95}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2DBF01ED-D067-42B4-9707-A2321D7D255A}" = protocol=6 | dir=in | app=c:\users\masouni\downloads\miranda\miranda32.exe |
"{2E2B8B12-B65D-43F5-BC23-C6B6869E54A0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{320E07F6-E63A-494A-838C-2012527C20F8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{32DD31AC-2853-46A7-AD56-032D5294D42E}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{337C6D8A-2952-42EC-ADD9-D763AEA30CA8}" = protocol=6 | dir=in | app=%systemroot%\system32\wbem\unsecapp.exe |
"{36B16B5E-E343-4CAC-BF0E-A05E931D3565}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{37887999-0C98-4318-A8BD-7B7F5B516F61}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{39ABFCE6-0954-418F-8D87-6E10DAD41D47}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3B899A0C-6DC8-4974-AD70-5A58A8DB1B8D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3B908141-C28E-4FE2-9BB3-3A20AD9E8EAA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3BFEDB45-F5D2-4E5E-9757-2098901459BC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3D448058-3A58-4181-BD53-2E094C84ABA2}" = protocol=6 | dir=in | svc=winmgmt | app=%systemroot%\system32\svchost.exe |
"{3E02D807-9F2E-4875-9E41-005F52522A0A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3FF73353-7F3A-4858-84BE-1EC9D27B44B8}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{409144B5-2A07-44B3-9967-2475C0A41C65}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{410F5A61-300E-49FB-9670-F9FB976C6130}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{422F3418-7E22-446C-BA8F-3FEEE2DF25B3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{43091596-69E9-4371-8390-070FC4EE6948}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{44DA0363-4A4D-4B30-88FD-129D887F6844}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{45C332DF-748F-46BB-AD0A-42050486153B}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{4697FB25-8F6F-453F-A2CF-F48953B31AB1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4DE11FE4-9E91-4046-AD39-C4792F5EAA2B}" = protocol=47 | dir=in | app=system |
"{4EBD9C1B-0803-4B62-AB0D-BA3C0C20FF5E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4F66745A-5E8B-4FAB-9AF9-26C03DD39840}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5410021B-D168-4CB9-BC46-1C21B71169FE}" = protocol=6 | dir=out | svc=winmgmt | app=%systemroot%\system32\svchost.exe |
"{54FCE83A-ED4C-4363-A24B-7BA86C91921A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{55D5A406-9601-470D-9377-9F55155260E0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5680E053-E2A4-4D16-BD24-0FE281067C6F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{57C3610C-C06A-4F9E-AF2A-F15BF92C44A0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{57DD1B35-812A-49B6-9050-DB89C9973FFE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{57E75A5F-DC6C-486E-917B-9D2D36383F8C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5821280F-936D-49F2-B284-FEE6FDD2C1AB}" = protocol=6 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\frd.exe |
"{5A4154E4-C7D5-414E-8B2C-349B27D3E870}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A5DE215-BF3A-4350-B205-D8B3936D06D3}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{68E98E30-334A-4984-A2A5-0FBD831F353B}" = protocol=47 | dir=out | app=system |
"{6B95DCBA-E8EB-4E34-B1D4-ADF1D3954EFA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6BA35697-025C-47A2-885F-893EBAD5C264}" = protocol=6 | dir=in | app=c:\program files\opera 11.00 alpha\opera.exe |
"{6C6C48A9-7D53-49D8-8470-DDB874C9603C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6ECE0759-F99E-4A9B-AFFA-CCC49653D4FE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6FAC4614-DCF0-4CB8-BE7B-CD2FA275914D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{71D86306-9CC2-44D9-A15C-00A95822EA9F}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{72B47F17-8436-4ACA-97D6-05281BF5CA79}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{73D7B2C9-C8DF-4051-B6AF-DC7748958754}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{74350288-7AB7-4DC4-AFBC-44E5BCBB0381}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{74EEC736-EF5F-4E84-959B-7F507D750C6D}" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"{74F0E8D5-71A4-406C-BB30-29103779ED17}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7608537F-F93A-41EC-B365-BD55AA9EF29C}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{76787C3D-0080-4930-BAA6-4830F704502C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{77F2D91C-73F2-4222-B612-B90C27859974}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{78F22880-76E7-43F6-A186-66E3D6B7805C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7ADD1437-85A2-4A94-B6E6-B12E49914DC1}" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"{801B1BF4-FE66-4073-BC2B-82615712AB1B}" = protocol=6 | dir=out | app=system |
"{82CE4709-053A-4D2A-BD01-CE9166A83214}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{83CEE9C5-45C4-46C6-86C4-E95696891179}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{84B4B6C4-2862-4251-850B-B3506E49955D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8657EE95-1816-4493-A5D7-8C814E4A65E4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{876A570F-5EB5-4C6B-B012-6F007592A173}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8C688536-168F-4A8B-A60F-BF3EF4123202}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{90D040F3-78C5-44A4-AAF7-558985390A77}" = protocol=17 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\frd.exe |
"{90ED919D-D703-4BDC-A457-D3D3356D803C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{91C58711-AA6E-4DF5-8451-70B27D889364}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9237520A-1186-4DD3-BDF2-4B6DCED6E04E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

majklef · #13 Příspěvek od **majklef** » 07 říj 2012 21:19

"{971AEDFE-06C7-44CC-BB93-828FC07E9F18}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9797BFAF-8887-4B11-92A8-90CA31CEFD2B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{99E54B10-85F2-484C-AA69-34C5B71F8EDD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9E41758B-954F-4ECF-A233-E3C47F775A4D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9E8AFDF8-5C42-4F0A-B405-754AB5A11806}" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"{A1A2853C-9332-4F2A-972D-A24286DD9432}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A1F798E6-6BAA-475A-932B-3FD989DCD728}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A37381D7-B0A9-4710-B291-EF856F6A4E8D}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"{A3CB3FAC-FAE8-4B89-9820-E26307872961}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AA997CE7-10F7-475B-8D7C-5F1CE3280CDA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AE8283C5-D16B-4B9A-AD77-BF40A37598F5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B1DCED85-1612-4AD9-8110-8FDBE7DF8F63}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B486429E-3A86-41C8-8456-6F9FB6A2F02C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B6062D10-0891-4B64-9C11-1D3BF04FD1E3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B86EF45F-32C9-49B7-B7A5-C1C44D692128}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B8FAD6B7-4736-48F2-9D4B-DBE28D42F6AE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BA2E4650-E856-45E4-B015-9DE4973CF99A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB51B238-0021-4789-B479-CCC321225C9F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BDF0F71F-17A4-4E1D-928C-E7F9C1324D5E}" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"{C03F7C0F-E956-4257-9D68-96774D89E5C8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C4E95DE4-965F-4D28-AC5C-7B7510ED7945}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C64A90B3-C5D4-48F3-98B0-9FF3CFE0BCDA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C7E7B043-5DE8-4284-8609-31EDD9338BC1}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{CAB40D2B-FC51-411E-8CD4-C71C4F9D67EC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CF8768E2-1706-4BA6-9E47-793D53552019}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D1B5E6E7-92F3-41C7-A9EF-B7E26DF4E5DB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D4BC1E5C-0DFE-4021-A448-08F4495BC63C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D735864C-1D8F-4CAC-9CCD-4782906B7C15}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D77CD102-D9A9-41FF-86DD-1D1607BBB843}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D81B80AC-0D9A-4C64-A3BC-FB32E7A43D5C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DB2B05C2-A075-4A65-8DD4-6F6CD47566BB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DC609D7B-AFC5-4211-A15B-CFEE3B78BE89}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DC74885E-6ECA-45CD-8113-F69894C6A541}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{DECDFB56-6F82-4C2F-AB58-99E588CE7C8C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DF654B65-5A9A-4035-9C08-EA0CDC81260D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DF6BB2CD-C37A-4E47-960C-2945A6515DBF}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{E1C919A5-9C9C-4DB0-81C9-046BC5960061}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E5C3E4BB-A060-4DE5-976A-74BC4C138E58}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E62540E9-CD44-4890-A3F6-41109F42579B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EA695949-03F2-45DE-9368-14E0239384B8}" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"{EAEB7ED2-A795-4BA6-93B7-C122C6EDAD7F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ECB14B80-6E5A-43F7-A60C-3C5B9909CBAD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{ED52F9A4-1446-40CC-87EC-6364CA1A5DC9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F0459190-3C2D-4098-AE4A-B43A8AA9DA7C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F294E93E-C081-4A86-9DDA-8638621EC69B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F3CF186B-8888-4642-A8CD-2CBD9F6A265B}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{F4AD971B-6455-4C3E-B6E4-96CFC2324D58}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F56C6B8C-D0DF-43D2-981C-7A5B1DB5B44E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F79ED37B-459E-41AD-BC8A-0AC5FE2A1C7A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FD52887F-7916-4DE9-BB55-D0BB4B83BB3E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FEDA60F0-D59B-470F-8689-B0F49885438F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{12328499-526D-4BC3-8C8D-6F4E6676D95B}C:\program files\java\jre6\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\frd.exe |
"TCP Query User{36F057BA-4113-4927-B090-FFF439CDE410}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{6BA40C7B-28E4-4E96-A75D-B6ACB3210E7C}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{8A6E7177-259D-4B31-9BBD-C2C0E5DD22FE}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"TCP Query User{9CF8F35B-C189-4745-B935-B4E57C41900A}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{D14353AA-7EAA-4A5D-BF69-767395625015}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{FF659AAA-8F04-461B-8543-042A609F8A43}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{5EB37371-CD23-4207-957E-FC9B5B9CDECF}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{6CD29753-49C2-417B-80B6-7B3C3187A1C0}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{6DBEE24B-C543-475A-890E-6E22FDD9A0DE}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"UDP Query User{6FCD2DB2-A60C-44D0-8E89-0CCC2CE218FD}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{7B0B698C-93DB-42A6-923D-58F88E279F1F}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{ACE7A2E8-6472-45D1-A266-2E0D220CF3D3}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{D9369CF3-E8DF-426A-A541-3DEA3B501FCE}C:\program files\java\jre6\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\frd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0891B708-EF3F-4D7E-9724-265245F46276}" = Windows Live Remote Service Resources
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0FFAC7BB-50DC-CB54-6CA7-A8B74513280B}" = CCC Help Chinese Traditional
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{123D74B2-4F4F-4056-8313-5F1C9FEE332E}" = Xara Menu Maker 1.0
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{14BF164E-80A4-422E-BE43-39FB759666C2}_is1" = Avi to Mpeg 2.1
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{17CFA2D4-22BA-46BC-966A-292660B38C36}" = PowerArchiver 2010 Czech
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1C802083-6D79-78ED-BF1C-601DDF908DD1}" = Catalyst Control Center Core Implementation
"{1EABF42E-9F5D-45A0-A768-6F80F1DD1B62}" = Likno Web Button Maker 2.0.156
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.4.2499.0
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 30
"{282C4EAA-F162-F52F-7BAF-C7B50DAAA00A}" = ccc-utility
"{28728178-FF15-218B-0B63-012692F42C28}" = CCC Help Danish
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}" = ArcSoft TotalMedia 3.5
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{32851025-1E46-83A3-1320-471619254E39}" = Catalyst Control Center Localization All
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{36592557-65CE-4A4D-9970-764F17E0AFD3}" = MSI v2 to redistribute Rigs of Rods
"{3C08B935-70D8-4D8A-93CA-C483BFE53F6F}_is1" = Zpravodajství ČT24
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40217B2F-462B-94A4-E84E-6A1C6EDBCE2F}" = CCC Help Swedish
"{4058E728-84D8-45CE-8E2D-5F35BD6659A1}" = Adobe Extension Manager CS5.5
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{434D0831-A4CC-401A-9E74-621000018401}" = F1 2010
"{434D0831-A4CC-401A-9E74-621000018402}" = F1 2010
"{454F5782-A4C3-480E-A629-D435795DEFD8}" = Windows Live Remote Client Resources
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}" = ATI Catalyst Install Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{5343A801-92E5-C234-9F27-AB27EC738BF6}" = CCC Help Japanese
"{5564CB30-525A-4932-878C-8B09A367E977}" = O&O DiskRecovery
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{587A2120-41D3-11DB-3D6C-00E19E4D4AE1}" = MSTS Patch 1.7.0519
"{5D22226D-EBC1-C95F-7746-2E3A9F4C97BA}" = CCC Help Russian
"{600C37F2-098B-A165-C1DB-6AE2B89D8D49}" = Catalyst Control Center Graphics Previews Common
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{61F8CA2C-9A80-8A1B-D3B9-347530CB387F}" = CCC Help Norwegian
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{674B407D-EAB1-B6B6-F9BF-C34CEE4CD83F}" = Catalyst Control Center Graphics Light
"{67E0988E-EF9F-481E-B334-2965A50A5176}" = Atlas CR10R v6
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69F411C5-4851-6DA9-EA4C-160BEF8788AA}" = CCC Help French
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6DD27E54-2598-0FEC-7CE1-BE00924C0570}" = Catalyst Control Center Graphics Previews Vista
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7177EE4E-3D1D-4F45-85B5-B93DC758BA0B}" = OLYMPUS Viewer 2
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = Trust Webcam Live
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7C27114E-6FC8-21F5-E501-FE48F09243DF}" = CCC Help Dutch
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80237C20-CBF3-F841-4AD5-E727AA86FBD1}" = CCC Help Italian
"{802EE127-D32A-1447-09DC-77419772BCDC}" = CCC Help Portuguese
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{836AFA32-7B8B-2C19-99D9-36EF32B42EB8}" = CCC Help Thai
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{892994D3-5963-4877-A8DB-629607E8E928}" = 602XML Filler
"{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}" = Olympus ib
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A30D5C0-BD4A-4E65-AADF-20A457DE6D38}" = Windows Live Family Safety
"{8BD4B030-E30C-474E-A3B5-D4555A46CEFC}" = OnlineLive
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{946942CB-D078-F33A-A3CD-27E0393507FD}" = CCC Help Turkish
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{954619BB-D48B-4B20-9BE7-06FBE5E69768}" = Xara Webstyle 3.0
"{9682B99B-BB28-AD37-CA50-C1CB5BFF0FA6}" = Catalyst Control Center Graphics Full New
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v4.0
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DBCF44B-77AC-81D8-0F8E-1E60D6330AC2}" = Catalyst Control Center InstallProxy
"{A02CC93A-134F-0319-1438-B1E895B52577}" = CCC Help German
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A68C62E8-B243-4777-89BB-12173DFA1D45}" = OLYMPUS Digital Camera Updater
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7E1ADB8-162B-7C33-60FB-0561A17BD876}" = CCC Help Spanish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95A76C9-6F65-477E-83A0-9F884B6DC21B}" = TuneUp Utilities Language Pack (en-US)
"{A96EEF55-155C-552E-ABB1-6FDAEF5BD944}" = CCC Help Polish
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{ADB25FF0-AEC4-2CFB-130C-2C60D80C5934}" = CCC Help Greek
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B04D5DA5-11DA-830C-85C6-0FF9185787E7}" = Skins
"{B0AC53AC-0BE0-4E18-B2FE-0D88040AA56B}" = ESET Smart Security
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}" = PC Connectivity Solution
"{BB603E9F-ECE8-7713-B0AC-7E0614E8C058}" = Catalyst Control Center HydraVision Full
"{BB8B8D1A-7441-4AE5-9A65-744790CF9CC2}" = PowerArchiver 2011
"{BE232D60-AEA5-502F-ACBF-9AC188A82C21}" = CCC Help Finnish
"{C15C4AB5-EF5D-5050-273C-4636E3FBE301}" = CCC Help Czech
"{C29B13CC-F0C5-4973-8980-2BCDC7C44E39}" = Beyond TV DVD Burning Foundation
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CA317512-FCD4-460D-98E1-02BE7495FCDB}" = Slovakia Roads v5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0403C9C-0640-4C4B-89B5-57E2A0B36D1D}" = Atlas Czech 8.1NT
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D8C2C5B1-1A88-4B87-9116-59D082B1CE30}" = Visual Studio 2005 Redist Package
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode version 3.1.0.9
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E09CD13D-7CE3-351C-1625-8DC7F21A99C0}" = ccc-core-static
"{E373E0E2-20F5-90DF-B315-615EA6E52101}" = Catalyst Control Center Graphics Full Existing
"{E6DA746E-1175-88BD-2B16-1DC62018E060}" = CCC Help Chinese Standard
"{EADAA6F7-991F-4CE9-B5CE-FCF3D81F7C7D}" = Trust WB-3400T Webcam
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F053BFD9-4357-6A82-6042-CF919667448F}" = CCC Help English
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F17EB02C-DA0D-EDEF-2E16-501FB700A710}" = CCC Help Hungarian
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F5DDC0CD-F13A-83F0-5103-563A17EA306F}" = CCC Help Korean
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"BSPlayerf" = BS.Player FREE
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.16
"DAEMON Tools Lite" = DAEMON Tools Lite
"dm paradies foto 3" = dm paradies foto 3
"DriverAgent.exe" = DriverAgent by eSupport.com
"Duplicate Checker_is1" = Duplicate Checker 3.3
"E77704EF5E71F4F18CADFBFA68595AFE036D5D97" = Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Fish Fillets" = Fish Fillets
"FormatFactory" = FormatFactory 2.96
"Foxit Reader_is1" = Foxit Reader 5.0
"Free Fox" = Free Fox
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}" = Olympus ib
"IrfanView" = IrfanView (remove only)
"Magic Data Recovery Pack" = Magic Data Recovery Pack
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.65.0.1400
"MediaCoder" = MediaCoder 0.8.13
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Miranda IM" = Miranda IM 0.9.8
"MOTORM4X" = MOTORM4X
"Mozilla Firefox 15.0.1 (x86 cs)" = Mozilla Firefox 15.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"Multi Virus Cleaner 2011_is1" = Multi Virus Cleaner 2011
"Opera 11.00.1029" = Opera 11.00 alpha build 1029
"Opera 12.02.1578" = Opera 12.02
"Picasa 3" = Picasa 3
"PowerArchiver 2011 12.00.59" = PowerArchiver 2011
"Print Envelope_is1" = Print Envelope 3.1.0.2
"Qip2005 packverze: 8095" = Qip2005 pack verze: 8095
"QuicktimeAlt_is1" = QuickTime Alternative 2.6.0
"Recuva" = Recuva
"Registrace uživatele zařízení Canon MP550 series" = Registrace uživatele zařízení Canon MP550 series
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.0
"SCANIA Truck Driving Simulator" = SCANIA Truck Driving Simulator 1.0.0
"Smart Defrag 2_is1" = Smart Defrag 2
"SpeedFan" = SpeedFan (remove only)
"szn-software-listicka" = Seznam Lištička (Všichni uživatelé tohoto počítače.)
"szn-software-postak" = Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.)
"The Logo Creator v5" = The Logo Creator v5
"TmNationsForever_is1" = TmNationsForever
"Train Simulator 1.0" = Microsoft Train Simulator
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"UltraISO_is1" = UltraISO Premium V9.36
"Video Convert Master_is1" = Video Convert Master 8.0.8.24
"VLC media player" = VLC media player 1.1.9
"waterMark V2" = waterMark V2
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"ZonerPhotoStudio14_CZ_is1" = Zoner Photo Studio 14

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Google Translator" = Google Translator
"XBMC" = XBMC
"Zipeg" = Zipeg

========== Last 20 Event Log Errors ==========

[ Media Center Events ]
Error - 16.11.2009 13:57:00 | Computer Name = Masouni-PC | Source = MCUpdate | ID = 0
Description = 18:56:59 - Error connecting to the internet. 18:56:59 - Unable
to contact server..

Error - 16.11.2009 13:57:10 | Computer Name = Masouni-PC | Source = MCUpdate | ID = 0
Description = 18:57:05 - Error connecting to the internet. 18:57:05 - Unable
to contact server..

Error - 16.11.2009 16:22:09 | Computer Name = Masouni-PC | Source = MCUpdate | ID = 0
Description = 21:22:07 - Error connecting to the internet. 21:22:08 - Unable
to contact server..

Error - 16.11.2009 16:22:22 | Computer Name = Masouni-PC | Source = MCUpdate | ID = 0
Description = 21:22:15 - Error connecting to the internet. 21:22:15 - Unable
to contact server..

Error - 16.11.2009 17:54:35 | Computer Name = Masouni-PC | Source = MCUpdate | ID = 0
Description = 22:54:35 - Error connecting to the internet. 22:54:35 - Unable
to contact server..

Error - 16.11.2009 17:54:50 | Computer Name = Masouni-PC | Source = MCUpdate | ID = 0
Description = 22:54:41 - Error connecting to the internet. 22:54:41 - Unable
to contact server..

Error - 17.11.2009 8:14:03 | Computer Name = Masouni-PC | Source = MCUpdate | ID = 0
Description = 13:14:03 - Error connecting to the internet. 13:14:03 - Unable
to contact server..

Error - 17.11.2009 8:14:19 | Computer Name = Masouni-PC | Source = MCUpdate | ID = 0
Description = 13:14:09 - Error connecting to the internet. 13:14:09 - Unable
to contact server..

Error - 17.11.2009 9:14:40 | Computer Name = Masouni-PC | Source = MCUpdate | ID = 0
Description = 14:14:40 - Error connecting to the internet. 14:14:40 - Unable
to contact server..

Error - 17.11.2009 9:14:54 | Computer Name = Masouni-PC | Source = MCUpdate | ID = 0
Description = 14:14:45 - Error connecting to the internet. 14:14:45 - Unable
to contact server..

[ OSession Events ]
Error - 31.1.2010 17:00:59 | Computer Name = Masouni-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.

Error - 31.1.2011 11:21:43 | Computer Name = Masouni-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.

Error - 19.11.2011 12:39:30 | Computer Name = Masouni-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6611.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 33
seconds with 0 seconds of active time. This session ended with a crash.

Error - 14.1.2012 16:00:56 | Computer Name = Masouni | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.

Error - 31.1.2012 12:20:43 | Computer Name = Masouni | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 18
seconds with 0 seconds of active time. This session ended with a crash.

Error - 27.2.2012 18:20:48 | Computer Name = Masouni | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7.10.2012 7:38:56 | Computer Name = Masouni | Source = DCOM | ID = 10001
Description =

Error - 7.10.2012 8:25:20 | Computer Name = Masouni | Source = DCOM | ID = 10001
Description =

Error - 7.10.2012 10:05:21 | Computer Name = Masouni | Source = Service Control Manager | ID = 7034
Description = Služba TuneUp Utilities Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 7.10.2012 10:13:21 | Computer Name = Masouni | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk4\DR4.

Error - 7.10.2012 10:13:21 | Computer Name = Masouni | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk4\DR4.

Error - 7.10.2012 10:13:22 | Computer Name = Masouni | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk4\DR4.

Error - 7.10.2012 10:13:23 | Computer Name = Masouni | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk4\DR4.

Error - 7.10.2012 11:38:46 | Computer Name = Masouni | Source = Microsoft-Windows-TaskScheduler | ID = 413
Description = Službě Plánovač úloh se při spuštění nepodařilo načíst úlohy. Další
údaje: Hodnota chyby: 2147549183

Error - 7.10.2012 11:41:14 | Computer Name = Masouni | Source = DCOM | ID = 10001
Description =

Error - 7.10.2012 11:41:16 | Computer Name = Masouni | Source = WMPNetworkSvc | ID = 866300
Description =

[ TuneUp Events ]
Error - 20.2.2010 9:17:55 | Computer Name = Masouni-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 20.2.2010 9:18:00 | Computer Name = Masouni-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 20.2.2010 9:18:00 | Computer Name = Masouni-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 20.2.2010 9:20:32 | Computer Name = Masouni-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 20.2.2010 9:20:32 | Computer Name = Masouni-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 20.2.2010 9:26:05 | Computer Name = Masouni-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 20.2.2010 9:26:14 | Computer Name = Masouni-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 20.2.2010 9:27:09 | Computer Name = Masouni-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 20.2.2010 9:27:09 | Computer Name = Masouni-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 20.2.2010 9:36:09 | Computer Name = Masouni-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

< End of report >

majklef · #14 Příspěvek od **majklef** » 07 říj 2012 21:20

Moc se omlouvám pokud jsem report poslal špatně ale jinak jsem to neuměl:-(

Díky za Váš čas a pomoc...

#15 Příspěvek od **vyosek** » 08 říj 2012 09:02

Log je poslan dobre, ono to jinak ani nejde

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RAMDiskVE.sys -- (RAMDiskVE)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btkrnl.sys -- (BTKRNL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (azpnplw5)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2475029
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BE 92 17 A1 EF F4 CA 01 [binary data]
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No CLSID value found
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No CLSID value found
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A}
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{03596038-44cc-44fc-bfb8-96db136931c2}: "URL" = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=QR&apn_dtid=&apn_uid=50782534-3770-41C5-A48D-B4C428E80EC8&apn_sauid=AC07E936-587B-461C-AC61-87DF221D2C7B
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tp=bs&qkw={searchTerms}&tbid=60076
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{4ff617c4-d445-4e01-991f-477804c4d65d}: "URL" = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=sm
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7IRFC_cs
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox.com/search/dispatc ... pl=11&qkw={searchTerms}&tbid=80093&lng=cs
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{C9211A97-08FF-489F-B34D-8778D476EEE0}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =642886&p={searchTerms}
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{df010eae-abf8-491c-b13e-f8a6aff9b86e}: "URL" = http://www.firmy.cz/phr/{searchTerms}?sourceid=QuickSearch_12
IE - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\SearchScopes\{e255001a-e12b-4bef-a125-42e6ec0e816c}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12
[2011.09.07 22:51:06 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Masouni\AppData\Roaming\Mozilla\Firefox\Profiles\a7thh2ja.default\extensions\engine@conduit.com
CHR - homepage: http://start.facemoods.com/?a=ddrnw
O2 - BHO: (Lištička) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No CLSID value found.
O3 - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..\Toolbar\WebBrowser: (Nástroje Lištičky) - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
O4 - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001..\Run: [Wqiciy] C:\Users\Masouni\AppData\Roaming\Wqiciy.exe File not found
O8 - Extra context menu item: Send To &Bluetooth - Reg Error: Value error. File not found
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1285935003-2300882945-1030792899-1001\..Trusted Domains: localhost ([]http in Internet)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{64ad1d2b-d1d9-11e1-a340-0018f303b748}\Shell - "" = AutoRun
O33 - MountPoints2\{64ad1d3a-d1d9-11e1-a340-0018f303b748}\Shell - "" = AutoRun
O33 - MountPoints2\{f40e2d32-c316-11de-9b02-0018f303b748}\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\V\Shell - "" = AutoRun
[2012.04.15 04:26:43 | 000,000,000 | ---D | M] -- C:\Users\Masouni\AppData\Roaming\IObit
[14 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[10 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[12 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\cache\g_0000\*.tmp -> ]
[2 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp -> ]
[2012.04.16 06:45:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\IObit
[2011.11.13 01:00:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2009.11.21 01:47:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 98 bytes -> C:\ProgramData\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:DBC416F8
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Application Data\TEMP:DBC416F8
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:08948D52
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Application Data\TEMP:08948D52
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Application Data\TEMP:5C321E34
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Application Data\TEMP:A8ADE5D8

:files
 C:\Users\Masouni\AppData\Roaming\*.exe
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

VIRY.CZ

Skype vir

Skype vir

Re: Skype vir

Re: Skype vir

Re: Skype vir

Re: Skype vir

Re: Skype vir

Re: Skype vir

Re: Skype vir

Re: Skype vir

Re: Skype vir

Re: Skype vir

Re: Skype vir

Re: Skype vir

Re: Skype vir

Re: Skype vir