VIRY.CZ

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-10-19.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 18.10.2010 22:34:50
System Uptime: 29.10.2012 9:50:59 (2 hours ago)
.
Motherboard: MEDIONPC | | MS-7621
Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz | CPU 1 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 910 GiB total, 465,319 GiB free.
D: is FIXED (NTFS) - 20 GiB total, 12,85 GiB free.
E: is CDROM ()
M: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP603: 2.10.2012 3:00:12 - Windows Update
RP604: 5.10.2012 13:27:23 - Windows Update
RP605: 9.10.2012 20:39:24 - Windows Update
RP606: 10.10.2012 8:05:59 - Windows Update
RP607: 14.10.2012 18:28:14 - Windows Update
RP608: 18.10.2012 19:19:25 - Windows Update
RP609: 23.10.2012 23:17:59 - Windows Update
RP610: 29.10.2012 8:47:16 - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office Suite Service Pack 3 (SP3)
Activation Assistant for the 2007 Microsoft Office suites
Adobe AIR
Adobe Community Help
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader 9.1.3 - Deutsch
Aktualizace ovladače pro aplikaci Centrum zařízení Windows Mobile
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)
Apple Application Support
Apple Software Update
Ashampoo Burning Studio 10.0.4
Ashampoo Burning Studio 6 FREE v.6.80
µTorrent
Audacity 1.3.3 (Unicode)
AviSynth 2.5
Bing Bar
CCleaner
Centrum zařízení Windows Mobile
CloneCD
Compatibility Pack für 2007 Office System
CyberLink LabelPrint
CyberLink MediaShow
CyberLink PhotoNow
CyberLink Power2Go
CyberLink PowerCinema
CyberLink PowerDirector
CyberLink PowerDVD 10
CyberLink PowerDVD 9
CyberLink PowerDVD Copy
CyberLink PowerProducer
CyberLink YouCam
D3DX10
DAEMON Tools Lite
Disktrix UltimateDefrag
eturboTouchKit
Fast MP4 3GP AVI MPG WMV RM MOV FLV Converter 6.1
Free YouTube to MP3 Converter version 3.10.5.722
GameXN GO
Google Desktop
Google Earth
Google Chrome
Google Talk Plugin
Google Update Helper
ImgBurn
InterVideo WinDVD 8
Java(TM) 6 Update 16
JDownloader
Jpeg Resampler Vs 6+
Junk Mail filter update
K-Lite Codec Pack 5.9.0 (Basic)
MAMEi 0.30
MediaCoder 2011
Medion Home Cinema
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile CSY Language Pack
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended CSY Language Pack
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Antimalware Service CS-CZ Language Pack
Microsoft Application Error Reporting
Microsoft Expression Blend 3 SDK
Microsoft Expression Blend 4
Microsoft Expression Blend 4 Add-in for Adobe FXG Import
Microsoft Expression Blend SDK for .NET 4
Microsoft Expression Blend SDK for Silverlight 4
Microsoft Expression Blend SDK for Windows Phone 7
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Help Viewer 1.0
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (Czech) 2007
Microsoft Office Excel MUI (German) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (German) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (Czech) 2007
Microsoft Office PowerPoint MUI (Czech) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office PowerPoint Viewer 2007 (German)
Microsoft Office Proof (Czech) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proof (Slovak) 2007
Microsoft Office Proofing (Czech) 2007
Microsoft Office Proofing (German) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (Czech) 2007
Microsoft Office Shared MUI (German) 2007
Microsoft Office Standard 2007
Microsoft Office Word MUI (Czech) 2007
Microsoft Office Word MUI (German) 2007
Microsoft Security Client
Microsoft Security Client CS-CZ Language Pack
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft Silverlight Tools for Visual Studio 2010
Microsoft SQL Server 2005 Compact Edition [DEU]
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2010 Express for Windows Phone - ENU
Microsoft Windows Debugging Symbols
Microsoft Windows Phone 7 Developer Resources
Microsoft Windows Phone Developer Tools - ENU
Microsoft Works
Microsoft XNA Framework Redistributable 4.0
Microsoft XNA Game Studio 4.0
Microsoft XNA Game Studio 4.0 (ARP entry)
Microsoft XNA Game Studio 4.0 (Redists)
Microsoft XNA Game Studio 4.0 (Shared Components)
Microsoft XNA Game Studio 4.0 (Visual Studio)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
Microsoft XNA Game Studio 4.0 Documentation
Microsoft XNA Game Studio 4.0 Windows Phone Extensions
Microsoft XNA Game Studio Platform Tools
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox 16.0.1 (x86 cs)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MusicJet
Nero Burning ROM 10
Nero BurningROM 10 Help (CHM)
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Update
NVIDIA Drivers
OSD hot keys
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
Paragon Backup & Recovery™ 10 Suite
Passware Kit Enterprise 9.7
PDF Settings CS5
PlayReady PC Runtime x86
PowerCinema Movie
QIP 2005 8095
QuickTime
RAR Password Recovery v1.1 RC16 (remove only)
RealPlayer
Realtek 8136 8168 8169 Ethernet Driver
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
Skype Click to Call
Skype™ 5.10
SUPERAntiSpyware
SyncBackPro
Total Commander (Remove or Repair)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.1.4
Winamp
Winamp Detector Plug-in
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Fotogalerie
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Mobile Device Updater Component
Windows Mobile Resources
Windows Movie Maker 2.6
Windows Phone 7 Add-in for Visual Studio 2010 - ENU
Windows Phone 7 Marketplace for Windows PC version 1.4.6
Windows Phone Emulator - ENU
WinRAR
WPF Toolkit February 2010 (Version 3.5.50211.1)
Zune
Zune Language Pack (CSY)
Zune Language Pack (DAN)
Zune Language Pack (DEU)
Zune Language Pack (ELL)
Zune Language Pack (ESP)
Zune Language Pack (FIN)
Zune Language Pack (FRA)
Zune Language Pack (HUN)
Zune Language Pack (CHS)
Zune Language Pack (CHT)
Zune Language Pack (IND)
Zune Language Pack (ITA)
Zune Language Pack (JPN)
Zune Language Pack (KOR)
Zune Language Pack (MSL)
Zune Language Pack (NLD)
Zune Language Pack (NOR)
Zune Language Pack (PLK)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
Zune Language Pack (RUS)
Zune Language Pack (SVE)
.
==== End Of File ===========================


dekuji

Logfile of random's system information tool 1.09 (written by random/random)
Run by denosek at 2012-10-29 17:36:43
Microsoft Windows 7 Home Premium
System drive C: has 476 GB (51%) free of 932 GB
Total RAM: 3327 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:36:48, on 29.10.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.17115)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\CyberLink\YouCam\YouCamTray.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\CyberLink\Shared files\brs.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\denosek\Downloads\RSIT.exe
C:\Program Files\trend micro\denosek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
O4 - HKLM\..\Run: [YouCam Mirror Tray icon] "C:\Program Files\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKCU\..\Run: [Google Update] "C:\Users\denosek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\denosek\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/5221-29898-17534-1/4 (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/5221-29898-17534-1/4 (file missing) (HKCU)
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: WMI_Hook_Service - MICRO-STAR INT'L,.LTD. - C:\Program Files\msi\OSD hot keys\WMI_Hook_Service.exe

--
End of file - 8654 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "seznam.cz"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... ource=2&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.1864]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1924]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.857]
"Description"=6.0.12.857
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
GoogleDesktopMozilla.dll
GoogleDesktopMozillaStub.js
GoogleDesktopMozillaStub.xpt
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
firmycz.xml
google.xml
googledesktop.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
mapycz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
zbocz.xml

C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\extensions\
engine@conduit.com
foxmarks@kei.com
noia2_option@kk.noia
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{687578b9-7132-4a7a-80e4-30ee31099e03}
{872b5b88-9db5-4310-bdd0-ac189557e5f5}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\searchplugins\
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-18 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-10 7612960]
"CLMLServer"=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2009-06-03 103720]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"YouCam Mirror Tray icon"=C:\Program Files\CyberLink\YouCam\YouCamTray.exe [2009-07-23 162912]
"RemoteControl9"=C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [2009-02-16 87336]
"PDVD9LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [2008-10-13 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared files\brs.exe [2010-11-17 75048]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-11-02 30192]
"RemoteControl10"=C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"Zune Launcher"=c:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 159456]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-11-01 180269]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 947176]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2009-01-29 57344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\denosek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-16 136176]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.DIVX"=DivX.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-10-29 11:24:18 ----D---- C:\Program Files\Mozilla Firefox
2012-10-10 13:33:43 ----A---- C:\Windows\system32\drivers\hwinterface.sys
2012-10-10 03:08:28 ----A---- C:\Windows\system32\wintrust.dll
2012-10-10 03:08:23 ----A---- C:\Windows\system32\tzres.dll
2012-10-10 03:08:14 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-10 03:08:10 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-10 03:08:10 ----A---- C:\Windows\system32\crypt32.dll
2012-10-10 03:08:09 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-10 03:07:59 ----A---- C:\Windows\system32\kernel32.dll
2012-10-10 03:07:58 ----A---- C:\Windows\system32\winsrv.dll
2012-10-10 03:07:58 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-10 03:07:58 ----A---- C:\Windows\system32\conhost.exe
2012-10-10 03:07:57 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-10 03:07:57 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-10 03:07:57 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-10 03:07:57 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-10 03:07:57 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-10 03:07:57 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-10 03:07:57 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-10 03:07:57 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-10 03:07:57 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-10 03:07:57 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-10 03:07:57 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-10 03:07:56 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-10 03:07:56 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-10 03:07:56 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-10 03:07:56 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-10 03:07:56 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-10 03:07:56 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-10 03:07:56 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-10 03:07:56 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-10 03:07:56 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-10 03:07:56 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-10 03:07:55 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-10 03:07:55 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-10 03:07:55 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-10 03:07:55 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-10 03:07:55 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-10 03:07:55 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-10 03:07:55 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-10 03:07:49 ----A---- C:\Windows\system32\kerberos.dll
2012-10-10 03:07:48 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-10 03:07:48 ----A---- C:\Windows\system32\ntkrnlpa.exe

======List of files/folders modified in the last 1 month======

2012-10-29 17:36:48 ----D---- C:\Windows\Prefetch
2012-10-29 17:36:46 ----D---- C:\Program Files\trend micro
2012-10-29 17:36:36 ----D---- C:\Windows\temp
2012-10-29 12:13:43 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-10-29 12:13:42 ----D---- C:\Program Files
2012-10-29 11:12:29 ----D---- C:\Windows\system32\config
2012-10-29 09:55:28 ----D---- C:\Windows\System32
2012-10-29 09:55:28 ----D---- C:\Windows\inf
2012-10-29 09:55:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-29 09:51:17 ----AD---- C:\Windows
2012-10-29 09:51:07 ----D---- C:\Program Files\SUPERAntiSpyware
2012-10-29 09:31:38 ----D---- C:\Users\denosek\AppData\Roaming\Skype
2012-10-29 08:49:31 ----D---- C:\Users\denosek\AppData\Roaming\Winamp
2012-10-29 08:49:31 ----D---- C:\Users\denosek\AppData\Roaming\uTorrent
2012-10-29 08:49:24 ----D---- C:\Windows\debug
2012-10-29 08:47:48 ----SHD---- C:\System Volume Information
2012-10-11 16:43:20 ----D---- C:\Windows\rescache
2012-10-11 00:06:37 ----D---- C:\Windows\winsxs
2012-10-11 00:05:05 ----D---- C:\Windows\system32\de-DE
2012-10-11 00:05:05 ----D---- C:\Windows\system32\cs-CZ
2012-10-11 00:05:04 ----D---- C:\Windows\system32\drivers
2012-10-10 20:45:46 ----SHD---- C:\Windows\Installer
2012-10-10 20:45:44 ----D---- C:\Users\denosek\AppData\Roaming\Mozilla
2012-10-10 13:33:39 ----D---- C:\Windows\system32\Tasks
2012-10-10 07:13:16 ----D---- C:\ProgramData\Microsoft Help
2012-10-10 07:10:20 ----A---- C:\Windows\system32\MRT.exe
2012-10-10 07:10:03 ----D---- C:\Program Files\Microsoft Works
2012-10-10 03:07:46 ----D---- C:\Windows\system32\catroot2
2012-10-10 03:07:46 ----D---- C:\Windows\system32\catroot
2012-10-09 20:54:27 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-10-02 02:02:23 ----D---- C:\Program Files\Microsoft Security Client

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hotcore3;hc3ServiceName; C:\Windows\system32\DRIVERS\hotcore3.sys [2010-10-12 56208]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-08-30 193552]
R0 nvamacpi;NVIDIA Away Mode System; C:\Windows\system32\DRIVERS\NVAMACPI.sys [2009-06-05 24608]
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2009-06-30 212000]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-24 239168]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 hwinterface;hwinterface; C:\Windows\System32\Drivers\hwinterface.sys [2012-10-10 3026]
R1 MpKsl8f285c13;MpKsl8f285c13; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{67823808-C3C6-431D-966C-7BBCF07CEF9B}\MpKsl8f285c13.sys [2012-10-29 29904]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 Uim_IM;UIM Drive Backup Image Plugin; C:\Windows\System32\Drivers\Uim_IM.sys [2010-10-12 395464]
R1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\UimBus.sys [2010-10-12 37080]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2010-09-08 230248]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/12/31 14:55:42]; \??\C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-11-17 87536]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/11/01 22:14:55]; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl [2009-02-28 87536]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 99272]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-10 2660896]
R3 KMWDFILTERx86;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-28 17920]
R3 NxpCap;CTX capture service; C:\Windows\system32\DRIVERS\NxpCap.sys [2009-07-30 1488096]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2010-04-01 1009184]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP-Bus-Filtertreiber; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393216]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-05-11 80824]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 MSIDriver_IO_2;MSIDriver_IO_2; \??\C:\Program Files\msi\OSD hot keys\MSI_MAINSYS.sys [2009-08-25 26936]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 Profos;Profos; \??\C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;SIS AGP-Bus-Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-07-30 181344]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP-Bus-Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7-Prozessortreiber; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUSB;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-10-29 116608]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 20472]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2011-03-04 584488]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-18 211488]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2009-02-25 247152]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R2 WMI_Hook_Service;WMI_Hook_Service; C:\Program Files\msi\OSD hot keys\WMI_Hook_Service.exe [2009-09-04 101176]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 287824]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-30 135664]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-11-02 30192]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-30 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-29 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-19 1343400]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service; c:\Program Files\Zune\WMZuneComm.exe [2011-08-05 268512]
S3 ZuneNetworkSvc;Zune Network Sharing Service; c:\Program Files\Zune\ZuneNss.exe [2011-08-05 6363872]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service; c:\Program Files\Zune\ZuneWlanCfgSvc.exe [2011-08-05 444640]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

Zdravim

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

OTL logfile created on: 29.10.2012 18:24:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\denosek\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000C07 | Country: Tschechische Republik | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 1,27 Gb Available Physical Memory | 38,95% Memory free
6,50 Gb Paging File | 4,54 Gb Available in Paging File | 69,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 464,12 Gb Free Space | 50,98% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 12,85 Gb Free Space | 64,25% Space Free | Partition Type: NTFS

Computer Name: MARA | User Name: denosek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.10.29 18:23:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\denosek\Desktop\OTL.exe
PRC - [2012.10.29 11:24:57 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.10.29 08:47:21 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2012.10.29 08:47:20 | 004,762,496 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2012.10.09 20:54:27 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
PRC - [2012.09.12 16:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2012.09.12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012.09.12 16:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011.08.05 11:29:56 | 000,159,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2011.03.04 10:39:14 | 000,584,488 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.17 21:29:22 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files\CyberLink\Shared files\brs.exe
PRC - [2010.11.01 21:53:34 | 000,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010.02.03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2009.09.04 13:09:36 | 000,101,176 | ---- | M] (MICRO-STAR INT'L,.LTD.) -- C:\Program Files\msi\OSD hot keys\WMI_Hook_Service.exe
PRC - [2009.08.18 12:46:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\javaw.exe
PRC - [2009.07.23 20:22:52 | 000,162,912 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\YouCam\YouCamTray.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.06.03 19:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.02.16 09:55:38 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2009.01.29 23:20:49 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe


========== Modules (No Company Name) ==========

MOD - [2012.10.29 11:24:24 | 002,295,264 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.10.09 20:54:26 | 009,814,968 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2010.11.02 09:34:21 | 000,034,816 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\gzlib.dll
MOD - [2010.03.15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009.06.03 19:59:14 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.06.03 19:59:02 | 000,619,816 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll


========== Services (SafeList) ==========

SRV - [2012.10.29 11:24:57 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.29 08:47:21 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012.10.09 20:54:30 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.12 16:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.09.12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.08.05 11:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2011.08.05 11:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2011.08.05 11:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2011.03.04 10:39:14 | 000,584,488 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.10.19 09:21:39 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009.09.04 13:09:36 | 000,101,176 | ---- | M] (MICRO-STAR INT'L,.LTD.) [Auto | Running] -- C:\Program Files\msi\OSD hot keys\WMI_Hook_Service.exe -- (WMI_Hook_Service)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.05.31 16:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 16:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys -- (Profos)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\denosek\AppData\Local\Temp\mbr.sys -- (mbr)
DRV - [2012.10.29 10:02:55 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{67823808-C3C6-431D-966C-7BBCF07CEF9B}\MpKsl8f285c13.sys -- (MpKsl8f285c13)
DRV - [2012.10.10 13:33:43 | 000,003,026 | ---- | M] (Logix4u) [Kernel | System | Running] -- C:\Windows\System32\drivers\hwinterface.sys -- (hwinterface)
DRV - [2012.08.30 21:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012.07.30 12:32:08 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.05.11 06:34:06 | 000,080,824 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011.12.24 23:32:40 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.11.17 21:29:20 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/12/31 14:55:42] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2010.10.12 20:32:22 | 000,395,464 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\System32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2010.10.12 20:32:20 | 000,056,208 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2010.10.12 20:32:20 | 000,037,080 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\UimBus.sys -- (UimBus)
DRV - [2010.09.08 15:42:16 | 000,230,248 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VMM.sys -- (vmm)
DRV - [2010.04.01 09:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2009.08.25 08:10:16 | 000,026,936 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\msi\OSD hot keys\MSI_MAINSYS.sys -- (MSIDriver_IO_2)
DRV - [2009.07.30 14:11:40 | 001,488,096 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)
DRV - [2009.07.18 08:41:00 | 009,789,696 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2009.06.30 16:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009.06.28 23:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.06.05 00:47:48 | 000,024,608 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvamacpi.sys -- (nvamacpi)
DRV - [2009.04.29 14:37:26 | 000,025,088 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTERx86)
DRV - [2009.02.28 19:40:18 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/11/01 22:14:55] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2007.02.16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2475029
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/sli ... 0winampie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded =
IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}: "URL" = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}: "URL" = http://www.mapy.cz/?query={searchTerms} ... earch_6826
IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://www.icq.com/search/results.php?q ... &ch_id=osd
IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=Qmz_q7i2 ... earchTerms}
IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2475029
IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{DC010BAC-595F-44CE-9915-A040C01635F8}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/sli ... 0winampie7
IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "seznam.cz"
FF - prefs.js..extensions.enabledAddons: Noia4Options@ArisT2:1.6.4
FF - prefs.js..extensions.enabledAddons: togglepersona@davidvincent.tld:1.0.9
FF - prefs.js..extensions.enabledAddons: {687578b9-7132-4a7a-80e4-30ee31099e03}:3.15.1.0
FF - prefs.js..extensions.enabledAddons: foxmarks@kei.com:4.1.3
FF - prefs.js..extensions.enabledAddons: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.19
FF - prefs.js..extensions.enabledAddons: NoiaFoxoption@davidvincent.tld:2.0.6
FF - prefs.js..extensions.enabledAddons: {7b90e860-5d61-11e0-80e3-0800200c9a66}:2.0.6
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... ource=2&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.1864: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1924: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.857: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\denosek\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\denosek\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\denosek\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\denosek\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.29 11:24:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.29 11:24:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2010.10.18 21:44:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\denosek\AppData\Roaming\mozilla\Extensions
[2012.10.25 22:45:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions
[2010.10.19 13:26:00 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2012.08.29 10:30:43 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012.08.21 11:06:06 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012.08.22 14:16:42 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2012.02.24 11:05:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.05.31 18:37:38 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\engine@conduit.com
[2012.09.17 21:40:30 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com
[2010.10.18 21:48:17 | 000,000,000 | ---D | M] (Noia 2.0 eXtreme OPT) -- C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\noia2_option@kk.noia
[2012.01.14 17:15:44 | 000,126,555 | ---- | M] () (No name found) -- C:\Users\denosek\AppData\Roaming\mozilla\firefox\profiles\4brtbfr2.default\extensions\Noia4Options@ArisT2.xpi
[2012.10.25 22:45:02 | 000,065,957 | ---- | M] () (No name found) -- C:\Users\denosek\AppData\Roaming\mozilla\firefox\profiles\4brtbfr2.default\extensions\NoiaFoxoption@davidvincent.tld.xpi
[2012.05.29 09:24:19 | 000,009,880 | ---- | M] () (No name found) -- C:\Users\denosek\AppData\Roaming\mozilla\firefox\profiles\4brtbfr2.default\extensions\togglepersona@davidvincent.tld.xpi
[2012.10.25 22:45:02 | 002,278,298 | ---- | M] () (No name found) -- C:\Users\denosek\AppData\Roaming\mozilla\firefox\profiles\4brtbfr2.default\extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi
[2012.09.26 09:51:52 | 000,061,406 | ---- | M] () (No name found) -- C:\Users\denosek\AppData\Roaming\mozilla\firefox\profiles\4brtbfr2.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2012.04.17 23:39:24 | 000,000,935 | ---- | M] () -- C:\Users\denosek\AppData\Roaming\mozilla\firefox\profiles\4brtbfr2.default\searchplugins\conduit.xml
[2012.10.29 11:24:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.10.29 11:24:58 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.04.13 20:24:08 | 000,002,046 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\firmycz.xml
[2012.09.08 22:48:19 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.09.08 22:48:19 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.10.22 00:36:19 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2010.04.13 20:24:30 | 000,002,041 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mapycz.xml
[2012.09.08 22:48:19 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.09.08 22:48:19 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.09.08 22:48:19 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
[2010.04.13 20:24:54 | 000,002,207 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zbocz.xml

========== Chrome ==========

CHR - homepage: http://search.conduit.com/?ctid=CT30722 ... hSource=48
CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx? ... =CT3072253
CHR - default_search_provider: suggest_url = http://search.conduit.com/
CHR - homepage: http://search.conduit.com/?ctid=CT30722 ... hSource=48
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\denosek\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.160.1 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U16 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\denosek\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\denosek\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: uTorrentControl2 = C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\
CHR - Extension: Gmail = C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.02.02 08:24:48 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3 - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O3 - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\Toolbar\WebBrowser: (no name) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No CLSID value found.
O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1176429872-680437442-246994520-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1176429872-680437442-246994520-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1176429872-680437442-246994520-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\denosek\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O15 - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O15 - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5939B29F-0DF1-4471-B01B-77A6E23D0BD1}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6FF19D4-6C66-4FDC-AEF4-73530C0CD80E}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\Windows\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\Windows\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.voxacm160 - C:\Windows\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvsd - C:\Windows\System32\mcdvd_32.dll (MainConcept)
Drivers32: vidc.xvid - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.10.29 18:23:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\denosek\Desktop\OTL.exe
[2012.10.29 11:24:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.10.29 11:05:03 | 000,687,724 | R--- | C] (Swearware) -- C:\Users\denosek\Desktop\dds.exe
[2012.10.29 09:51:36 | 000,000,000 | R--D | C] -- C:\Users\denosek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9

========== Files - Modified Within 7 Days ==========

[2012.10.29 19:17:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.10.29 18:54:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.29 18:45:01 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000UA.job
[2012.10.29 18:34:01 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.29 18:23:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\denosek\Desktop\OTL.exe
[2012.10.29 11:05:14 | 000,687,724 | R--- | M] (Swearware) -- C:\Users\denosek\Desktop\dds.exe
[2012.10.29 09:58:26 | 000,010,096 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.29 09:58:26 | 000,010,096 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.29 09:55:28 | 000,687,030 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.29 09:55:28 | 000,667,896 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.10.29 09:55:28 | 000,652,638 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.29 09:55:28 | 000,148,158 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.29 09:55:28 | 000,140,632 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.10.29 09:55:28 | 000,021,218 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.29 09:51:21 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.29 09:51:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.29 09:51:07 | 2616,643,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.24 05:45:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000Core.job

========== Files Created - No Company Name ==========

[2012.05.31 18:55:30 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.12.04 17:10:39 | 000,038,433 | ---- | C] () -- C:\Users\denosek\AppData\Roaming\Hodnoty oddělené čárkami (Windows).ADR
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.02.11 13:06:51 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2011.01.11 22:10:28 | 000,014,336 | ---- | C] () -- C:\Users\denosek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.31 13:40:23 | 000,071,096 | ---- | C] () -- C:\Windows\System32\NMSAccessU.exe
[2010.12.31 13:40:23 | 000,017,408 | ---- | C] () -- C:\Windows\System32\SyncBackPro.dll
[2010.11.24 20:49:10 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.11.20 14:16:39 | 000,000,840 | ---- | C] () -- C:\Users\denosek\AppData\Local\SRDownloader.nast
[2010.11.20 14:16:10 | 000,000,046 | ---- | C] () -- C:\Users\denosek\AppData\Local\SRDownloader.err
[2010.10.28 14:28:29 | 000,000,024 | ---- | C] () -- C:\Users\denosek\AppData\Roaming\AVSDVDPlayer.m3u
[2010.10.19 10:41:17 | 000,000,088 | RHS- | C] () -- C:\ProgramData\8E6BEC914D.sys
[2010.10.19 10:41:16 | 000,005,642 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010.11.07 00:13:55 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\.Torrent Swapper
[2011.12.26 02:06:54 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Ashampoo
[2011.05.17 19:35:39 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Audacity
[2012.04.12 16:17:55 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Broad Intelligence
[2010.11.11 08:49:54 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\BullGuard
[2012.07.29 12:28:51 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\DAEMON Tools Lite
[2012.02.24 11:08:11 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\DVDVideoSoft
[2012.02.24 11:05:53 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.10.19 10:06:27 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\GHISLER
[2012.02.01 16:09:59 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\go
[2010.10.19 13:40:00 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\ICQ
[2012.06.06 20:16:36 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\ImgBurn
[2010.10.19 13:54:36 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\InterVideo
[2012.05.11 09:27:04 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Jpeg Resampler
[2010.12.28 18:39:52 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\kikin
[2010.12.31 15:20:16 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Passware
[2010.10.26 21:10:46 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\PowerCinema
[2010.10.19 13:26:08 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\QIP
[2011.05.01 20:34:47 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.10.29 08:49:31 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\uTorrent
[2010.10.18 22:09:42 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\VitySoft
[2012.02.01 08:27:26 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Yandex

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,032,608 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.06.12 10:01:42 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.09.11 22:29:30 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.09.11 22:29:31 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.09.20 05:40:19 | 000,000,918 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000Core.job
[2012.09.20 05:40:20 | 000,000,970 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000UA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\ERDNT\cache\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\ERDNT\cache\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2012.03.30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\System32\drivers\tcpip.sys
[2012.03.30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\ERDNT\cache\tcpip.sys
[2011.09.29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2010.04.09 08:16:33 | 001,289,096 | ---- | M] (Microsoft Corporation) MD5=5D6A83E928F22AF5AC9868B162FFAD0D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_b38009a0e0d5a32d\tcpip.sys
[2010.04.09 08:24:54 | 001,285,000 | ---- | M] (Microsoft Corporation) MD5=63170B9EE1D0EF0032F0408605671D1A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_b30e0d41c7a5fe2f\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012.03.30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011.06.21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011.06.21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011.06.21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.03.30 11:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[287 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.11.07 00:13:55 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\.Torrent Swapper
[2011.05.04 06:35:51 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Adobe
[2011.05.01 20:34:47 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Adobe Mini Bridge CS5
[2011.12.26 02:06:54 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Ashampoo
[2011.05.17 19:35:39 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Audacity
[2012.04.12 16:17:55 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Broad Intelligence
[2010.11.11 08:49:54 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\BullGuard
[2010.10.26 21:41:26 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Corel
[2010.12.31 14:58:49 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\CyberLink
[2012.07.29 12:28:51 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\DAEMON Tools Lite
[2012.01.15 23:31:02 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\dvdcss
[2012.02.24 11:08:11 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\DVDVideoSoft
[2012.02.24 11:05:53 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.10.19 10:06:27 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\GHISLER
[2012.02.01 16:09:59 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\go
[2010.10.19 13:40:00 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\ICQ
[2010.10.18 21:35:15 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Identities
[2012.06.06 20:16:36 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\ImgBurn
[2010.10.19 13:54:36 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\InterVideo
[2012.05.11 09:27:04 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Jpeg Resampler
[2010.12.28 18:39:52 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\kikin
[2010.10.19 09:35:02 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Macromedia
[2009.07.14 09:56:41 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Media Center Programs
[2012.06.12 10:02:01 | 000,000,000 | --SD | M] -- C:\Users\denosek\AppData\Roaming\Microsoft
[2012.10.10 20:45:44 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Mozilla
[2012.05.31 20:02:09 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Nero
[2010.12.31 15:20:16 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Passware
[2010.10.26 21:10:46 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\PowerCinema
[2010.10.19 13:26:08 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\QIP
[2011.02.13 00:35:13 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Real
[2012.10.29 09:31:38 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Skype
[2011.11.17 18:46:11 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\skypePM
[2011.05.01 20:34:47 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.02.02 07:51:31 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\SUPERAntiSpyware.com
[2012.10.29 08:49:31 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\uTorrent
[2010.10.18 22:09:42 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\VitySoft
[2012.08.30 19:06:51 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\vlc
[2012.10.29 08:49:31 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Winamp
[2010.10.18 22:29:59 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\WinRAR
[2012.02.01 08:27:26 | 000,000,000 | ---D | M] -- C:\Users\denosek\AppData\Roaming\Yandex

< %APPDATA%\*.exe /s >
[2010.12.28 18:39:59 | 001,166,568 | ---- | M] () -- C:\Users\denosek\AppData\Roaming\kikin\kikin_updater_2.9.1.exe
[2010.12.31 14:45:27 | 000,367,686 | R--- | M] () -- C:\Users\denosek\AppData\Roaming\Microsoft\Installer\{FEBED6FC-140F-43F6-8CB5-D3C0EB0F3D66}\icon.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.10.29 18:54:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.10.29 09:51:21 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.10.29 19:34:07 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.10.24 05:45:00 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000Core.job
[2012.10.29 19:45:00 | 000,000,970 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.10.29 09:58:26 | 000,010,096 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.29 09:58:26 | 000,010,096 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.29 09:55:28 | 000,140,632 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.10.29 09:55:28 | 000,148,158 | ---- | M] () -- C:\Windows\system32\perfc007.dat
[2012.10.29 09:55:28 | 000,021,218 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.10.29 09:55:28 | 000,667,896 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.10.29 09:55:28 | 000,687,030 | ---- | M] () -- C:\Windows\system32\perfh007.dat
[2012.10.29 09:55:28 | 000,652,638 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.10.29 09:55:28 | 002,306,364 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\denosek\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.10.16 20:00:20 | 000,136,176 | ---- | M] (Google Inc.)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.11.10 10:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.10.29 11:24:57 | 000,917,984 | ---- | M] (Mozilla Corporation) MD5=E60E9D5F229CB8DA347D48ADD6E8DC47 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.08.24 18:15:32 | 000,672,872 | ---- | M] (Microsoft Corporation) MD5=4ADB84297505A1627DEEA18529BF4B16 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012.10.10 11:06:17 | 001,239,064 | ---- | M] (Google Inc.) MD5=848D034D067BE2FF5CD3D779BECBDA00 -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.10.29 19:17:15 | 000,000,512 | ---- | M] () MD5=21FBD41E635222B83511AEEBA3A813F6 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.08.28 21:02:26 | 008,495,245 | ---- | M] () -- \Install\auto\Disco hity\Amnezia Super Hits 62\Cd 1\13. Dj Neo ft. Martina Balogova - Just Another Crack (Radio Edit).mp3
[2012.10.29 18:03:37 | 000,004,412 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\CrackedCom.class
[2000.08.08 22:06:26 | 000,002,238 | ---- | M] () -- \Program Files\MAMEi\icons\cracksht.ico
[2012.08.05 23:25:45 | 000,791,428 | ---- | M] () -- \Users\denosek\AppData\LocalLow\MyAshampoo\Rss\http___crackle_com_rss_media_sxsw_featured_rss.xml
[2012.07.23 21:51:34 | 000,005,828 | ---- | M] () -- \Users\denosek\AppData\LocalLow\MyAshampoo\Rss\http___crackle_com_rss_media_sxsw_featured_rss_history.xml
[2012.08.05 23:25:45 | 000,010,122 | ---- | M] () -- \Users\denosek\AppData\LocalLow\MyAshampoo\Rss\http___crackle_com_rss_media_sxsw_featured_rss_structured.xml
[2010.10.19 10:51:48 | 000,000,000 | ---- | M] () -- \Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\CT2475029\feed\http___crackle_com_rss_media_sxsw_featured_rss_history.xml
[2010.10.19 10:51:48 | 000,000,000 | ---- | M] () -- \Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\CT2475029\feed\http___crackle_com_rss_media_sxsw_featured_rss_structured.xml
[2004.02.19 06:29:44 | 000,010,420 | ---- | M] () -- \Users\denosek\Documents\Veru\Ostatní\disk\melodie\n\nutcracker_suite_-_arab_dance.mid
[2004.02.19 06:29:44 | 000,006,682 | ---- | M] () -- \Users\denosek\Documents\Veru\Ostatní\disk\melodie\n\nutcracker_suite_-_chinese_dance.mid
[2004.02.19 06:29:44 | 000,008,066 | ---- | M] () -- \Users\denosek\Documents\Veru\Ostatní\disk\melodie\n\nutcracker_suite_-_dance_of_the_sugar.mid
[2004.02.19 06:29:44 | 000,013,452 | ---- | M] () -- \Users\denosek\Documents\Veru\Ostatní\disk\melodie\n\nutcracker_suite_-_march.mid
[2004.02.19 06:29:46 | 000,011,123 | ---- | M] () -- \Users\denosek\Documents\Veru\Ostatní\disk\melodie\n\nutcracker_suite_-_reed_flutes.mid
[2004.02.19 06:29:46 | 000,007,861 | ---- | M] () -- \Users\denosek\Documents\Veru\Ostatní\disk\melodie\n\nutcracker_suite_-_russian_dance.mid
[2004.02.21 11:29:34 | 000,003,066 | ---- | M] () -- \Users\denosek\Documents\Veru\Ostatní\disk\melodie\polyphone_midi_ringtones\M_Tjaikovski-Nut_Cracker.mid
[2004.02.21 11:29:34 | 000,008,718 | ---- | M] () -- \Users\denosek\Documents\Veru\Ostatní\disk\melodie\polyphone_midi_ringtones\RingTones\Arabian Dance Nutcracker Suite (Tchaicovsky).mid
[2004.02.21 11:29:36 | 000,014,902 | ---- | M] () -- \Users\denosek\Documents\Veru\Ostatní\disk\melodie\polyphone_midi_ringtones\RingTones\Overture Nutcracker Suite (Tchaicovsky).mid
[2004.02.21 11:29:38 | 000,029,237 | ---- | M] () -- \Users\denosek\Documents\Veru\Ostatní\disk\melodie\polyphone_midi_ringtones\RingTones\Waltz of the Flowers from the Nutcracker Suite.mid
[2004.02.21 11:29:44 | 000,014,902 | ---- | M] () -- \Users\denosek\Documents\Veru\Ostatní\disk\melodie\polyphone_midi_ringtones\Tones\Overture Nutcracker Suite (Tchaicovsky).mid
[2004.02.21 11:29:50 | 000,003,066 | ---- | M] () -- \Users\denosek\Documents\Veru\Ostatní\disk\melodie\polyphone_midi_ringtones\Very nice polytones\M_Tjaikovski-Nut_Cracker.mid
[2011.08.28 20:02:24 | 008,495,245 | ---- | M] () -- \Users\denosek\Music\Disco\Amnezia Super Hits 62\Cd 1\13. Dj Neo ft. Martina Balogova - Just Another Crack (Radio Edit).mp3

< *keygen* /s >

< *loader* /s >
[2009.11.03 21:48:00 | 000,001,115 | ---- | M] () -- \Install\karta diamond2\NAVIGON\NavLoader.cfg
[2009.08.06 01:38:38 | 000,001,111 | ---- | M] () -- \Install\Navigon\MN7.4.3Build793-PDAv20\NAVIGON\NavLoader.cfg
[2010.11.09 23:29:54 | 005,297,608 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2011.07.22 15:12:04 | 002,795,648 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\Dll\DVSVideoDownloader.dll
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.03.18 23:21:56 | 000,063,312 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader80.dll
[2010.03.18 00:17:14 | 000,004,096 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader80.tlb
[2009.07.27 14:49:10 | 000,056,416 | ---- | M] () -- \Program Files\CyberLink\MediaShow4\Koan\pyloader.dll
[2009.07.27 14:49:18 | 002,184,488 | ---- | M] () -- \Program Files\CyberLink\MediaShow4\subsys\CES\CES_3DLoaderFBX.dll
[2009.07.27 14:49:20 | 000,020,284 | ---- | M] () -- \Program Files\CyberLink\MediaShow4\subsys\DataCenter\ImageLoader.kc
[2009.07.13 20:55:20 | 000,010,788 | ---- | M] () -- \Program Files\CyberLink\PowerCinema Movie\mm\MediaCtrl\ImageLoader.kc
[2009.07.13 20:55:22 | 000,003,499 | ---- | M] () -- \Program Files\CyberLink\PowerCinema Movie\Widget\langloader.kc
[2009.07.13 20:55:22 | 000,012,802 | ---- | M] () -- \Program Files\CyberLink\PowerCinema Movie\Widget\layoutloader.kc
[2009.08.11 18:41:32 | 000,058,664 | ---- | M] () -- \Program Files\CyberLink\PowerCinema\Koan\pyloader.dll
[2009.08.11 18:41:46 | 000,011,734 | ---- | M] () -- \Program Files\CyberLink\PowerCinema\System\KernelCtrl\ImageLoader.kc
[2009.08.11 18:41:46 | 000,017,513 | ---- | M] () -- \Program Files\CyberLink\PowerCinema\System\KernelCtrl\ImageLoader2.kc
[2009.08.11 18:41:46 | 000,003,955 | ---- | M] () -- \Program Files\CyberLink\PowerCinema\Widget\langloader.kc
[2009.08.11 18:41:46 | 000,013,982 | ---- | M] () -- \Program Files\CyberLink\PowerCinema\Widget\layoutloader.kc
[2010.11.25 01:16:16 | 000,058,664 | ---- | M] () -- \Program Files\CyberLink\PowerDVD10\PK\Koan\pyloader.dll
[2010.11.25 01:16:16 | 000,027,657 | ---- | M] () -- \Program Files\CyberLink\PowerDVD10\PK\subsys\PyImpLoader\PyImpLoader.kc
[2010.11.25 01:16:16 | 000,120,104 | ---- | M] () -- \Program Files\CyberLink\PowerDVD10\PK\subsys\PyImpLoader\_PyImpLoader.pyd
[2010.11.10 15:03:30 | 000,010,781 | ---- | M] () -- \Program Files\CyberLink\PowerDVD10\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2010.11.10 15:03:38 | 000,003,492 | ---- | M] () -- \Program Files\CyberLink\PowerDVD10\PowerDVD Cinema\widget\langloader.kc
[2010.11.10 15:03:38 | 000,013,453 | ---- | M] () -- \Program Files\CyberLink\PowerDVD10\PowerDVD Cinema\widget\layoutloader.kc
[2010.07.15 10:12:06 | 000,010,775 | ---- | M] () -- \Program Files\CyberLink\PowerDVD10\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2010.07.15 10:12:08 | 000,003,567 | ---- | M] () -- \Program Files\CyberLink\PowerDVD10\PowerDVD Cox\widget\langloader.kc
[2010.07.15 10:12:08 | 000,013,369 | ---- | M] () -- \Program Files\CyberLink\PowerDVD10\PowerDVD Cox\widget\layoutloader.kc
[2009.02.28 22:12:40 | 000,010,789 | ---- | M] () -- \Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2009.02.28 22:12:44 | 000,003,500 | ---- | M] () -- \Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\widget\langloader.kc
[2009.02.28 22:12:44 | 000,012,803 | ---- | M] () -- \Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\widget\layoutloader.kc
[2009.02.25 08:13:46 | 002,184,488 | ---- | M] () -- \Program Files\CyberLink\Shared files\Plugin\5.0\CES_3DLoaderFBX.dll
[2009.07.23 20:24:20 | 000,056,416 | ---- | M] () -- \Program Files\CyberLink\YouCam\Koan\pyloader.dll
[2009.07.23 20:22:40 | 000,012,794 | ---- | M] () -- \Program Files\CyberLink\YouCam\subsys\Uploader\PyUploader.kc
[2009.07.23 20:22:40 | 000,162,912 | ---- | M] () -- \Program Files\CyberLink\YouCam\subsys\Uploader\_PyUploader.pyd
[2009.07.23 20:22:40 | 002,475,304 | ---- | M] () -- \Program Files\CyberLink\YouCam\subsys\YouCam\CES_3DLoaderFBX.dll
[2011.07.22 15:28:10 | 000,042,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.DVSVideoDownloader.dll
[2010.10.19 13:40:30 | 000,005,795 | ---- | M] () -- \Program Files\ICQ6.5\Packages\centrum_cz\Skins\centrumSkin\images\XtraPreloader\loader.jpg
[2010.10.19 13:40:30 | 000,004,089 | ---- | M] () -- \Program Files\ICQ6.5\Packages\centrum_cz\Skins\centrumSkin\images\XtraPreloader\loader.swf
[2009.03.01 11:31:26 | 000,005,795 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.jpg
[2009.03.01 11:31:26 | 000,004,089 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.swf
[2010.10.19 13:40:39 | 000,003,479 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\content\contact_list\preloader04.swf
[2010.10.19 13:40:43 | 000,552,798 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\theme\game_center\loaderBkg.png
[2010.09.23 13:40:22 | 000,214,528 | ---- | M] () -- \Program Files\JDownloader\JDownloader.exe
[2011.02.27 23:36:49 | 000,593,293 | ---- | M] () -- \Program Files\JDownloader\JDownloader.jar
[2010.11.25 16:43:07 | 000,000,105 | ---- | M] () -- \Program Files\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2012.10.29 17:58:51 | 000,011,071 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\MyDownloaderNet.class
[2012.10.29 17:57:07 | 000,007,073 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\UploaderPl.class
[2010.09.23 13:43:06 | 000,032,222 | ---- | M] () -- \Program Files\JDownloader\licenses\jdownloader.license
[2008.12.06 17:13:52 | 000,001,070 | ---- | M] () -- \Program Files\MediaCoder\extensions\_include\loader.html
[2010.09.01 02:36:32 | 000,023,040 | ---- | M] () -- \Program Files\Microsoft Expression\Blend 4\Microsoft.VisualStudio.AssetSystem.Loader.dll
[2010.03.15 11:28:24 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2010.11.25 16:41:48 | 000,000,362 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader Support.lnk
[2010.11.25 16:41:48 | 000,001,097 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader.lnk
[2010.11.25 16:41:55 | 000,001,087 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader\Uninstall JDownloader.lnk
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.06.03 21:48:35 | 049,817,600 | ---- | M] () -- \Stahovani\The.Cold.Light.of.Day.2012.CAM.XviD-M2D.by.Colly.of.PowerUploaders.avi.part
[2010.11.24 15:49:10 | 000,019,456 | ---- | M] () -- \Symbols\api-ms-win-core-libraryloader-l1-1-0.pdb\1B6430CDAA0F4F9595D61A14DAC4BA7E1\api-ms-win-core-libraryloader-l1-1-0.pdb
[2010.11.24 16:33:16 | 000,019,456 | ---- | M] () -- \Symbols\api-ms-win-core-libraryloader-l1-1-0.pdb\2300785E90B14164A36E5313768857AC1\api-ms-win-core-libraryloader-l1-1-0.pdb
[2010.11.24 16:34:10 | 000,068,608 | ---- | M] () -- \Symbols\dmloader.pdb\379A946DCA164B9590851C83ECD5F32E1\dmloader.pdb
[2010.11.24 15:47:06 | 000,084,992 | ---- | M] () -- \Symbols\dmloader.pdb\D89614FF5A014881A633E4C36475583E1\dmloader.pdb
[2010.11.24 16:18:22 | 000,338,944 | ---- | M] () -- \Symbols\upgloader.pdb\0FDFD25BCFF049B8B318AC857832AFB21\upgloader.pdb
[2010.11.24 15:32:18 | 000,363,520 | ---- | M] () -- \Symbols\upgloader.pdb\FEECA36D9E05491CAA7622D4DB53B05D1\upgloader.pdb
[2010.11.25 16:41:48 | 000,000,362 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader Support.lnk
[2010.11.25 16:41:48 | 000,001,097 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader.lnk
[2010.11.25 16:41:55 | 000,001,087 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader\Uninstall JDownloader.lnk
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2010.11.20 14:16:10 | 000,000,046 | ---- | M] () -- \Users\denosek\AppData\Local\SRDownloader.err
[2010.11.20 14:22:41 | 000,000,840 | ---- | M] () -- \Users\denosek\AppData\Local\SRDownloader.nast
[2012.07.04 06:51:35 | 000,000,673 | ---- | M] () -- \Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\Media\ajax-loader.gif
[2011.12.24 23:34:09 | 000,057,728 | ---- | M] () -- \Users\denosek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2011.12.24 23:34:11 | 000,057,728 | ---- | M] () -- \Users\denosek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2011.12.24 23:34:12 | 000,057,728 | ---- | M] () -- \Users\denosek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2011.12.24 23:34:14 | 000,057,728 | ---- | M] () -- \Users\denosek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2011.12.24 23:34:15 | 000,057,728 | ---- | M] () -- \Users\denosek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2011.12.24 23:34:16 | 000,061,770 | ---- | M] () -- \Users\denosek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2011.12.24 23:34:17 | 000,061,770 | ---- | M] () -- \Users\denosek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2012.10.29 09:26:53 | 000,000,753 | ---- | M] () -- \Users\denosek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9QFN0F41\AdLoader[1].htm
[2012.10.29 09:26:53 | 000,105,903 | ---- | M] () -- \Users\denosek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZKWE4NEK\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2010.11.25 17:04:22 | 000,000,997 | ---- | M] () -- \Users\denosek\AppData\Roaming\Microsoft\Internet Explorer\JDownloader.lnk
[2012.04.17 23:39:24 | 000,010,145 | ---- | M] () -- \Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\conduitCommon\modules\3.12.0.8\ExternalLibraryLoader.jsm
[2012.05.03 18:54:14 | 000,010,145 | ---- | M] () -- \Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\conduitCommon\modules\3.12.2.3\ExternalLibraryLoader.jsm
[2012.05.30 07:43:28 | 000,010,145 | ---- | M] () -- \Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\conduitCommon\modules\3.13.0.6\ExternalLibraryLoader.jsm
[2012.07.16 22:09:06 | 000,010,145 | ---- | M] () -- \Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\conduitCommon\modules\3.14.1.0\ExternalLibraryLoader.jsm
[2012.08.27 16:56:10 | 000,010,145 | ---- | M] () -- \Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\conduitCommon\modules\3.15.1.0\ExternalLibraryLoader.jsm
[2012.08.27 16:56:10 | 000,010,145 | ---- | M] () -- \Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\modules\ExternalLibraryLoader.jsm
[2012.08.21 09:55:30 | 000,010,145 | ---- | M] () -- \Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\ExternalLibraryLoader.jsm
[2012.08.21 17:00:04 | 000,010,145 | ---- | M] () -- \Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\modules\ExternalLibraryLoader.jsm
[2010.11.15 02:06:58 | 006,162,055 | ---- | M] () -- \Users\denosek\Downloads\Freerapid-Downloader_0.83u1.zip
[2010.11.25 16:40:48 | 029,100,879 | ---- | M] () -- \Users\denosek\Downloads\JDownloader_WIN_Setup.zip
[2009.08.13 16:17:57 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2012.05.13 21:11:40 | 000,083,456 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\9cbddfcee12d09b6101cab70831c391d\Microsoft.VisualStudio.AssetSystem.Loader.ni.dll
[2012.10.29 18:03:53 | 000,013,208 | ---- | M] () -- \Windows\Prefetch\JDOWNLOADER.EXE-630521E0.pf
[2010.11.20 07:28:20 | 000,002,838 | ---- | M] () -- \Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_178685823786d34d.manifest
[2010.11.20 07:38:52 | 000,002,838 | ---- | M] () -- \Windows\SoftwareDistribution\Download\033b0c7c2634a2c344c62aab1ebcd6ad\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_d8268e5f2967c990.manifest
[2010.11.20 06:28:20 | 000,002,838 | ---- | M] () -- \Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_178685823786d34d.manifest
[2010.11.20 06:38:52 | 000,002,838 | ---- | M] () -- \Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_d8268e5f2967c990.manifest
[2010.11.20 04:02:40 | 000,004,225 | ---- | M] () -- \Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2012.08.18 12:09:17 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2010.10.18 21:58:58 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010.10.18 21:58:58 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2010.10.18 21:58:58 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009.07.14 09:47:30 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_de-de_cd7e3a305679601f.manifest
[2009.07.14 09:47:30 | 000,035,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_de-de_cd7e3a305679601f_winload.exe.mui_3bc5b827
[2009.07.14 09:47:30 | 000,030,800 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_de-de_cd7e3a305679601f_winresume.exe.mui_ff8b5358
[2010.10.19 09:29:52 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2010.10.19 09:29:53 | 000,507,568 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winload.exe_75835076
[2010.10.19 09:29:53 | 000,442,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2010.10.18 21:55:56 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 09:46:47 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_de-de_cd7e3a305679601f.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\Windows:975DF3EB93190650

< End of report >

jeste sem projel Externi disk.. kdyby nahodou...

############################## | UsbFix V 7.096 | [Deletion]

User: denosek (Administrator) # MARA
Updated 15/08/2012 by El Desaparecido
Started at 10:17:26 | 30/10/2012

Website: http://eldesaparecido.com
Forum: http://forum.eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.php
Contact: contact@eldesaparecido.com

PC: MEDIONPC (MS-7621) (X86-based PC) # Desktop Computer
CPU: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz (2200)
RAM -> [Total : 3327 | Free : 1370]
BIOS: Default System BIOS
BOOT: Normal boot

OS: Microsoft Windows 7 Home Premium (6.1.7600 32-Bit) #
WB: Windows Internet Explorer 8.0.7600.16385

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Microsoft Security Essentials [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 910 Gb (460 Mb free - 50%) [System] # NTFS
D:\ -> Fixed drive # 20 Gb (13 Mb free - 64%) [Recovery] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
K:\ -> Fixed drive # 1397 Gb (491 Mb free - 35%) [Externi Hdd] # NTFS
M:\ -> CD-ROM

################## | Active Processes |

C:\Windows\system32\csrss.exe (432)
C:\Windows\system32\wininit.exe (484)
C:\Windows\system32\csrss.exe (492)
C:\Windows\system32\services.exe (532)
C:\Windows\system32\lsass.exe (552)
C:\Windows\system32\lsm.exe (560)
C:\Windows\system32\svchost.exe (664)
C:\Windows\system32\svchost.exe (764)
c:\Program Files\Microsoft Security Client\MsMpEng.exe (816)
C:\Windows\system32\winlogon.exe (876)
C:\Windows\System32\svchost.exe (992)
C:\Windows\System32\svchost.exe (1032)
C:\Windows\system32\svchost.exe (1076)
C:\Windows\system32\svchost.exe (1176)
C:\Windows\system32\svchost.exe (1272)
C:\Windows\system32\svchost.exe (1580)
C:\Windows\system32\svchost.exe (1844)
C:\Windows\system32\Dwm.exe (392)
C:\Windows\system32\wbem\unsecapp.exe (2420)
C:\Windows\system32\wbem\wmiprvse.exe (2508)
C:\Windows\system32\svchost.exe (2800)
c:\Program Files\Microsoft Security Client\NisSrv.exe (2904)
C:\Windows\system32\svchost.exe (3812)
C:\Windows\system32\svchost.exe (2736)
C:\Windows\SYSTEM32\WISPTIS.EXE (5740)
C:\Windows\SYSTEM32\WISPTIS.EXE (5724)
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (6340)
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe (4192)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (6004)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (4272)
C:\Program Files\Windows Media Player\wmpnetwk.exe (4732)
C:\Windows\system32\SearchIndexer.exe (6748)
C:\Windows\System32\spoolsv.exe (1004)
C:\Windows\Explorer.exe (7648)
C:\Program Files\Mozilla Firefox\firefox.exe (596)
C:\Program Files\Java\jre6\bin\javaw.exe (5756)
C:\Program Files\Mozilla Firefox\plugin-container.exe (7576)
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe (6348)
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe (7104)
C:\Windows\System32\dinotify.exe (7016)
C:\Windows\explorer.exe (1368)
C:\Program Files\WinRAR\WinRAR.exe (5892)
C:\Program Files\VideoLAN\VLC\vlc.exe (5392)
C:\Program Files\WinRAR\WinRAR.exe (7672)
\\?\C:\Windows\system32\wbem\WMIADAP.EXE (3236)
C:\Windows\system32\SearchProtocolHost.exe (4080)
C:\Windows\system32\SearchFilterHost.exe (1560)
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe (5108)
C:\Windows\system32\DllHost.exe (4768)
C:\UsbFix\Go.exe (5884)
C:\Windows\system32\wbem\wmiprvse.exe (948)

################## | Stopped processes |

Stopped! c:\Program Files\Microsoft Security Client\MsMpEng.exe (816)
Stopped! c:\Program Files\Microsoft Security Client\NisSrv.exe (2904)
Stopped! C:\Windows\SYSTEM32\WISPTIS.EXE (5740)
Stopped! C:\Windows\SYSTEM32\WISPTIS.EXE (5724)
Stopped! C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (6340)
Stopped! C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe (4192)
Stopped! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (6004)
Stopped! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (4272)
Stopped! C:\Program Files\Windows Media Player\wmpnetwk.exe (4732)
Stopped! C:\Windows\system32\SearchIndexer.exe (6748)
Stopped! C:\Windows\System32\spoolsv.exe (1004)
Stopped! C:\Program Files\Mozilla Firefox\firefox.exe (596)
Stopped! C:\Program Files\Java\jre6\bin\javaw.exe (5756)
Stopped! C:\Program Files\Mozilla Firefox\plugin-container.exe (7576)
Stopped! C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe (7104)
Stopped! C:\Windows\System32\dinotify.exe (7016)
Stopped! C:\Program Files\WinRAR\WinRAR.exe (5892)
Stopped! C:\Program Files\VideoLAN\VLC\vlc.exe (5392)
Stopped! C:\Program Files\WinRAR\WinRAR.exe (7672)

################## | Files # Infected Folders |

Deleted ! C:\$RECYCLE.BIN\S-1-5-21-1176429872-680437442-246994520-1000
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-1176429872-680437442-246994520-1000
Deleted ! K:\$RECYCLE.BIN\S-1-5-21-1020463382-2706852814-845235225-1000
Deleted ! K:\$RECYCLE.BIN\S-1-5-21-1172043685-3978291212-700246794-1000
Deleted ! K:\$RECYCLE.BIN\S-1-5-21-1176429872-680437442-246994520-1000
Deleted ! K:\$RECYCLE.BIN\S-1-5-21-1560044924-1333993794-3528237836-1000
Deleted ! K:\$RECYCLE.BIN\S-1-5-21-2483690350-832168919-1997091518-1000
Deleted ! K:\Recycler\S-1-5-21-448539723-854245398-1343024091-1003

(!) Temporary files deleted.

################## | Registry |


################## | Mountpoints2 |


################## | Listing |

[30/10/2012 - 10:24:07 | SHD ] C:\$RECYCLE.BIN
[10/06/2009 - 22:42:20 | N | 24] C:\autoexec.bat
[30/10/2012 - 09:45:31 | RASHD ] C:\Autorun.inf
[10/06/2009 - 22:42:20 | N | 10] C:\config.sys
[18/10/2010 - 21:33:36 | D ] C:\Dokumente und Einstellungen
[29/10/2012 - 09:51:07 | ASH | 2616643584] C:\hiberfil.sys
[06/06/2012 - 17:22:47 | D ] C:\Install
[18/08/2009 - 13:55:04 | N | 0] C:\IO.SYS
[15/01/2012 - 17:06:09 | D ] C:\Milena
[18/08/2009 - 13:55:04 | N | 0] C:\MSDOS.SYS
[13/08/2009 - 16:16:43 | RD ] C:\MSOCache
[29/10/2012 - 09:51:08 | ASH | 3488862208] C:\pagefile.sys
[29/10/2012 - 19:17:15 | N | 512] C:\PhysicalMBR.bin
[29/10/2012 - 12:13:42 | D ] C:\Program Files
[31/05/2012 - 19:55:40 | D ] C:\ProgramData
[18/10/2010 - 21:33:37 | D ] C:\Programme
[18/10/2010 - 21:33:37 | D ] C:\Recovery
[30/10/2012 - 10:14:25 | D ] C:\Stahovani
[27/02/2011 - 12:55:10 | D ] C:\Symbols
[29/10/2012 - 20:33:17 | SHD ] C:\System Volume Information
[30/10/2012 - 10:24:07 | D ] C:\UsbFix
[30/10/2012 - 10:23:22 | A | 6594] C:\UsbFix.txt
[18/10/2010 - 21:34:53 | D ] C:\Users
[29/10/2012 - 09:51:17 | D ] C:\Windows
[30/10/2012 - 10:24:07 | D ] D:\$RECYCLE.BIN
[30/10/2012 - 09:45:31 | RASHD ] D:\Autorun.inf
[12/09/2009 - 21:58:24 | D ] D:\RECOVER
[27/08/2009 - 16:38:48 | N | 22] D:\swconf.dat
[31/12/2010 - 18:13:06 | SHD ] D:\System Volume Information
[01/09/2009 - 15:13:36 | D ] D:\TOOLS
[01/09/2009 - 15:13:43 | D ] D:\TREIBER
[30/10/2012 - 10:24:07 | D ] K:\$RECYCLE.BIN
[18/12/2011 - 14:28:29 | N | 5175279616] K:\CD_7692.iso
[03/06/2012 - 14:30:01 | D ] K:\columbus
[17/06/2012 - 19:18:59 | D ] K:\DVD
[20/09/2012 - 08:02:30 | D ] K:\Filmy DivX
[02/12/2011 - 19:21:28 | D ] K:\HD filmy
[21/09/2009 - 11:59:42 | D ] K:\Hdd exe nemazat!!
[31/10/2011 - 15:34:12 | D ] K:\Hudba
[03/02/2011 - 23:24:33 | D ] K:\INSTALL
[13/01/2010 - 13:06:36 | D ] K:\msdownld.tmp
[12/01/2010 - 23:19:48 | D ] K:\Notas install Win 7
[02/01/2011 - 19:11:33 | D ] K:\Nová složka
[21/09/2009 - 12:31:16 | D ] K:\Ofice 2007
[29/11/2009 - 23:36:40 | D ] K:\Recorded TV
[21/09/2009 - 16:12:33 | D ] K:\RECYCLER
[02/12/2011 - 19:11:55 | D ] K:\Serialy DivX
[21/09/2012 - 10:58:07 | D ] K:\Smazat
[02/01/2011 - 19:15:05 | D ] K:\Stahovani
[31/12/2010 - 18:14:43 | SHD ] K:\System Volume Information
[13/01/2010 - 14:22:09 | D ] K:\Windows 7 Ultimate 32 bit CZ

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
K:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_MARA.zip
http://eldesaparecido.com/upload.php
Thank you for your contribution.

################## | E.O.F |

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
  DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before First Install)
  DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys -- (Profos)
  DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\denosek\AppData\Local\Temp\mbr.sys -- (mbr)
  IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
  IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No CLSID value found
  IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
  IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKLM\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
  IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
  IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/sli ... 685&query={searchTerms}&invocationType=tb50winampie7
  IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
  IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
  IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}: "URL" = http://www.zbozi.cz/?q={searchTerms}&sourceid=quicksearch_6826
  IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}: "URL" = http://www.mapy.cz/?query={searchTerms}&sourceid=quicksearch_6826
  IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
  IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=Qmz_q7i2 ... 34bM3Vs?q={searchTerms}
  IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
  IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
  IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{DC010BAC-595F-44CE-9915-A040C01635F8}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
  IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}: "URL" = http://www.firmy.cz/phr/{searchTerms}
  IE - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/sli ... 685&query={searchTerms}&invocationType=tb50winampie7
  FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
  FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}"
  FF - prefs.js..browser.search.selectedEngine: "uTorrentControl2 Customized Web Search"
  FF - prefs.js..browser.search.suggest.enabled: false
  FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q="
  [2010.10.19 13:26:00 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
  [2012.08.29 10:30:43 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
  [2012.08.21 11:06:06 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
  [2012.08.22 14:16:42 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
  [2012.02.24 11:05:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
  [2012.05.31 18:37:38 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\engine@conduit.com
  [2012.09.17 21:40:30 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com
  CHR - homepage: http://search.conduit.com/?ctid=CT30722 ... hSource=48
  CHR - default_search_provider: Conduit (Enabled)
  CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3072253
  CHR - default_search_provider: suggest_url = http://search.conduit.com/
  CHR - homepage: http://search.conduit.com/?ctid=CT30722 ... hSource=48
  CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
  CHR - Extension: uTorrentControl2 = C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\
  O3 - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
  O3 - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
  O3 - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
  O3 - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..\Toolbar\WebBrowser: (no name) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No CLSID value found.
  O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
  O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
  O15 - HKLM\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
  O15 - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..Trusted Domains: localhost ([]http in Local intranet)
  O15 - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
  O15 - HKU\S-1-5-21-1176429872-680437442-246994520-1000\..Trusted Ranges: GD ([http] in Local intranet)
  [2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [2012.10.29 18:54:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
  [2012.10.29 09:51:21 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  [2012.10.29 19:34:07 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  [2012.10.24 05:45:00 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000Core.job
  [2012.10.29 19:45:00 | 000,000,970 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000UA.job
  @Alternate Data Stream - 24 bytes -> C:\Windows:975DF3EB93190650
  
  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "CLMLServer"=-
  "UCam_Menu"=-
  "YouCam Mirror Tray icon"=-
  "RemoteControl9"=-
  "PDVD9LanguageShortcut"=-
  "BDRegion"=-
  "RemoteControl10"=-
  "TkBellExe"=-
  "CloneCDTray"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "Google Update"=-
  "DAEMON Tools Lite"=-
  
  :files
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

All processes killed
========== OTL ==========
Error: No service named Winsock - Google Desktop Search Backup Before Last Install was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winsock - Google Desktop Search Backup Before Last Install deleted successfully.
Error: No service named Winsock - Google Desktop Search Backup Before First Install was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winsock - Google Desktop Search Backup Before First Install deleted successfully.
Service Profos stopped successfully!
Service Profos deleted successfully!
File C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys not found.
Error: No service named mbr was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mbr deleted successfully.
File C:\Users\denosek\AppData\Local\Temp\mbr.sys not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
HKU\S-1-5-21-1176429872-680437442-246994520-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_USERS\S-1-5-21-1176429872-680437442-246994520-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1176429872-680437442-246994520-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1176429872-680437442-246994520-1000\Software\Microsoft\Internet Explorer\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{399a1442-7377-49e7-8d77-6dc9ed5968c1}\ not found.
Registry key HKEY_USERS\S-1-5-21-1176429872-680437442-246994520-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5cf5d387-d87c-4408-9a6b-301b0713d62a}\ not found.
Registry key HKEY_USERS\S-1-5-21-1176429872-680437442-246994520-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-1176429872-680437442-246994520-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_USERS\S-1-5-21-1176429872-680437442-246994520-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_USERS\S-1-5-21-1176429872-680437442-246994520-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-1176429872-680437442-246994520-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DC010BAC-595F-44CE-9915-A040C01635F8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DC010BAC-595F-44CE-9915-A040C01635F8}\ not found.
Registry key HKEY_USERS\S-1-5-21-1176429872-680437442-246994520-1000\Software\Microsoft\Internet Explorer\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eb97f7df-1773-4916-aae6-5af74da8c69d}\ not found.
Registry key HKEY_USERS\S-1-5-21-1176429872-680437442-246994520-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
Prefs.js: "uTorrentControl2 Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.as ... earchTerms}" removed from browser.search.defaulturl
Prefs.js: "uTorrentControl2 Customized Web Search" removed from browser.search.selectedEngine
Prefs.js: false removed from browser.search.suggest.enabled
Prefs.js: "http://search.conduit.com/ResultsExt.as ... ource=2&q=" removed from keyword.URL
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults\preferences folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\skin folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale\en-US folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\content folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89} folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\searchplugin folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\Plugins folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\modules folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\META-INF folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\defaults folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\components folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\chrome folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\Plugins folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\searchplugin folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\Plugins folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\modules folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\META-INF folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\defaults folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\chrome folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\modules folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\META-INF folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\defaults\preferences folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\defaults folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\components folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\skin\modern\images folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\skin\modern folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\skin folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\zh-TW folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\zh-CN folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\vi folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\uk-UA folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\tr-TR folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\sv-SE folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\sk-SK folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\ru-RU folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\ro folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\pt-PT folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\pt-BR folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\pl-PL folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\nn-NO folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\nl folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\ko-KR folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\ja-JP folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\it-IT folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\hu-HU folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\fy-NL folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\fr folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\fi-FI folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\eu-ES folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\et-EE folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\es-ES folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\en-US folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\el-GR folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\de folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\da-DK folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\cs-CZ folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\bn-IN folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\bg-BG folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale\ar folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\locale folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\content\shared folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome\content folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com\chrome folder moved successfully.
C:\Users\denosek\AppData\Roaming\mozilla\Firefox\Profiles\4brtbfr2.default\extensions\foxmarks@kei.com folder moved successfully.
Use Chrome's Settings page to change the HomePage.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to change the HomePage.
File internal-remoting-viewer not found.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\plugins folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\Options folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\Media\rssItem folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\Media\popup folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\Media\icons\useful_components folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\Media\icons\urlGadget folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\Media\icons folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\Media\base64\searchBox folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\Media\base64\rssItem folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\Media\base64\ifarme folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\Media\base64\icons folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\Media\base64\dyamincMenu folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\Media\base64 folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\Media folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\utils\interface folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\utils folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\services\usage folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\services\translation folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\services\toolbarsManager folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\services\toolbarInfo folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\services\settings folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\services\serviceMap folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\services\login folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\services\jsonData folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\services\feed folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\services\cookieMonster folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\services\ContextMenuService folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\services\aliasReplace folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\services\alerts folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\services\404 folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\services folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\popup\view folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\popup\controller folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\popup folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\model folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\lib folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\xmlMenu\view folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\xmlMenu\model folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\xmlMenu\controller folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\xmlMenu folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\urlGadget\view folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\urlGadget\model folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\urlGadget\controller folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\urlGadget folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\multiRssItem\view folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\multiRssItem\model folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\multiRssItem\controller folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\multiRssItem folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\menuPanel\view folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\menuPanel\model folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\menuPanel\controller folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\menuPanel folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\gadgets\view folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\gadgets\model folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\gadgets folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\factories\view folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\factories\model folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\factories folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\dynamicMenu\view folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\dynamicMenu\model folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\dynamicMenu\controller folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\dynamicMenu\consts folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\dynamicMenu folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\contextMenu\view folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\contextMenu\model folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\contextMenu\controller folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\contextMenu folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\container folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\components\view\InjectScript folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\components\view folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\components\model folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\components\controller folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\components folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items\about folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\items folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\css folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\controller folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\compatibility folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\API\Toolbar folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\API\Component\view folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\API\Component\model folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\API\Component\controller folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\API\Component folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js\API folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\js folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\Css folder moved successfully.
C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0 folder moved successfully.
Registry value HKEY_USERS\S-1-5-21-1176429872-680437442-246994520-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry value HKEY_USERS\S-1-5-21-1176429872-680437442-246994520-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{687578B9-7132-4A7A-80E4-30EE31099E03} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}\ not found.
Registry value HKEY_USERS\S-1-5-21-1176429872-680437442-246994520-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found.
Registry value HKEY_USERS\S-1-5-21-1176429872-680437442-246994520-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Low Rights\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1176429872-680437442-246994520-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1176429872-680437442-246994520-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1176429872-680437442-246994520-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB423.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF24B.tmp folder deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000UA.job moved successfully.
ADS C:\Windows:975DF3EB93190650 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CLMLServer deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UCam_Menu deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\YouCam Mirror Tray icon deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RemoteControl9 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PDVD9LanguageShortcut deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BDRegion deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RemoteControl10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CloneCDTray deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: denosek
->Temp folder emptied: 707082 bytes
->Temporary Internet Files folder emptied: 3335262 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 72216751 bytes
->Google Chrome cache emptied: 819568 bytes
->Flash cache emptied: 2092 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 914 bytes
RecycleBin emptied: 24377164079 bytes

Total Files Cleaned = 23.321,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: denosek
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: denosek
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10302012_204406

Jak se chova PC

pc vydava zvuk jako kdyz v nem je CD nebo dvd... a pritom v nem neni..
a naskoci ikonka kurzoru joko ze je cd v mechanice.
co to muze byt?

A nechce instalovat nejake ovladace nebo tak? Pripadne zkuste restart sytemu ci to bude stale tak

restart sem udelal a dělat to stale...

a Microsoft Office Outlook 2007 při startu hodi hlášku

c:/progra-1/eset/sestsm-1/eplgou-3.dll ...... nelze načist a byl aplikaci Microsoft Office Outlook zakazan

Tam bude problem s Office (Outlookem), dejte instalacni CD a provedte jejich opravu

a jinak uz je pc OK?