VIRY.CZ

Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr at 2012-12-23 13:02:51
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 208 GB (41%) free of 512 GB
Total RAM: 16364 MB (86% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:02:58, on 23.12.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\PROGRA~2\DUMETE~1\DUMeter.exe
C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
C:\Program Files (x86)\Cyberlink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
C:\Program Files (x86)\Cyberlink\PowerDVD12\PowerDVD12Agent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WebIE.dll
O4 - HKLM\..\Run: [HP KEYBOARDx] "C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE"
O4 - HKLM\..\Run: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
O4 - HKLM\..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [InstantBurn] C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Cyberlink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
O4 - HKCU\..\Run: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~2\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~2\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll C:\Windows\SysWOW64\guard32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions Inc. - C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GeekBuddy Remote Screen Protocol (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15718 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe"
"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"taskhost.exe"
"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {A2808FB7-B5BA-43D3-8D06-67F7DB504B7F}
"C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe"
"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
"C:\Program Files (x86)\DU Meter\DUMeterSvc.exe" /startedbyscm:E1F6D4BE-40E33354-DUMeterService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe" -service
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe"
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
C:\Windows\SysWOW64\srvany.exe
C:\Windows\KMService.exe
C:\Windows\System32\svchost.exe -k HPZ12
\??\C:\Windows\system32\conhost.exe "-330768004346493186-1644757861251612295-1783210501857829724-714200906-223066915
"C:\Program Files\OO Software\Defrag\oodag.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000009c0
C:\Windows\system32\svchost.exe -k HPService
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-70133f35-45b6-4db7-b6f2-1f7ffdd0ee4e -SystemEventPortName:HostProcess-43b3c67f-e165-4a92-a2fe-62fd01046d2a -IoCancelEventPortName:HostProcess-72c61e5b-26fb-4a0c-a88c-49e3e751a6c9 -NonStateChangingEventPortName:HostProcess-3635d7f3-be1d-4144-8485-56dca3a20d25 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9e7a1814-67b6-478c-b02b-b74ba053cf99 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe"
C:\PROGRA~2\DUMETE~1\DUMeter.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe"
"C:\Program Files (x86)\Comodo\GeekBuddy\unit" "\"C:/Program Files (x86)/Comodo/GeekBuddy/lps-cspm\""
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Officejet 4500 G510g-m#1323196460" -Startup
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\Cyberlink\Shared files\brs.exe"
"C:\Program Files (x86)\Cyberlink\Power2Go8\CLMLSvc_P2G8.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe"
"C:\Program Files (x86)\Cyberlink\PowerDVD12\PowerDVD12Agent.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\totalcmd\TOTALCMD64.EXE"
"L:\Smetiště\Download\Programy\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForPetr.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-25 537576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-06-09 1747272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
DataMngr - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\BROWSE~1.DLL [2012-03-07 118168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-25 193512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\TRANSLAT\WebIE.dll [2012-07-22 798771]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-06-09 1598792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-11-15 340384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\TRANSLAT\WebIE.dll [2012-07-22 798771]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-06-10 1128448]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-11-08 9577680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DU Meter"=C:\Program Files (x86)\DU Meter\DUMeter.exe [2009-03-13 1216931]
"Nektra OEAPI"= []
"OEXPRESS"= []
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2011-08-17 4527424]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2012-12-21 1354736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2010-11-15 821144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-11-17 75048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [2009-01-29 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO]
C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPA]
C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2011-08-17 4527424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Garmin Lifetime Updater]
C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe [2012-01-06 1446760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iolo Startup]
C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe [2012-01-06 606904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyGarminAgent]
C:\Program Files (x86)\Garmin\MyGarminAgent\MyGarminAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [2011-09-20 1493288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Presto! PVR Monitor]
C:\Program Files (x86)\NewSoft\Presto! PVR\Monitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP KEYBOARDx"=C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [2010-02-11 710656]
"BATINDICATOR"=C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe [2009-05-09 2068992]
"LaunchHPOSIAPP"=C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe [2009-04-04 385024]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2012-12-11 384800]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-11-17 75048]
"InstantBurn"=C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe [2012-02-02 701736]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Cyberlink\Power2Go8\CLMLSvc_P2G8.exe [2011-10-28 107816]
"CLVirtualDrive"=C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-02-16 487720]
"PowerDVD12Agent"=C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [2012-03-22 371256]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Start GeekBuddy.lnk - C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll C:\Windows\system32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ioloSystemService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"wave5"=wdmaud.drv
"wave6"=wdmaud.drv
"wave7"=wdmaud.drv
"wave8"=wdmaud.drv
"wave9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-12-23 11:16:06 ----A---- C:\GG.txt
2012-12-22 12:04:18 ----D---- C:\ProgramData\CPA_VA
2012-12-21 20:11:22 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-12-21 20:11:22 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-12-21 20:11:22 ----A---- C:\Windows\system32\atmlib.dll
2012-12-21 20:11:22 ----A---- C:\Windows\system32\atmfd.dll
2012-12-21 19:32:58 ----D---- C:\Program Files (x86)\Steam
2012-12-21 19:02:41 ----D---- C:\Users\Petr\AppData\Roaming\dvdcss
2012-12-19 08:01:20 ----D---- C:\Users\Petr\AppData\Roaming\TeamViewer
2012-12-15 19:21:08 ----D---- C:\Users\Petr\AppData\Roaming\Stellarium
2012-12-15 19:20:21 ----D---- C:\Program Files (x86)\Stellarium
2012-12-13 21:00:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-12-13 21:00:38 ----A---- C:\Windows\system32\mshtmled.dll
2012-12-13 21:00:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-12-13 21:00:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-12-13 21:00:37 ----A---- C:\Windows\SYSWOW64\url.dll
2012-12-13 21:00:37 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-12-13 21:00:37 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-12-13 21:00:37 ----A---- C:\Windows\system32\urlmon.dll
2012-12-13 21:00:37 ----A---- C:\Windows\system32\url.dll
2012-12-13 21:00:37 ----A---- C:\Windows\system32\msfeeds.dll
2012-12-13 21:00:37 ----A---- C:\Windows\system32\jscript9.dll
2012-12-13 21:00:37 ----A---- C:\Windows\system32\ieUnatt.exe
2012-12-13 21:00:37 ----A---- C:\Windows\system32\ieui.dll
2012-12-13 21:00:36 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-12-13 21:00:36 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-12-13 21:00:36 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-12-13 21:00:36 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-12-13 21:00:36 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-12-13 21:00:36 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-12-13 21:00:36 ----A---- C:\Windows\system32\wininet.dll
2012-12-13 21:00:36 ----A---- C:\Windows\system32\vbscript.dll
2012-12-13 21:00:36 ----A---- C:\Windows\system32\jsproxy.dll
2012-12-13 21:00:36 ----A---- C:\Windows\system32\jscript.dll
2012-12-13 21:00:36 ----A---- C:\Windows\system32\iertutil.dll
2012-12-13 21:00:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-12-13 21:00:34 ----A---- C:\Windows\system32\mshtml.dll
2012-12-13 21:00:33 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-12-13 21:00:33 ----A---- C:\Windows\system32\ieframe.dll
2012-12-13 17:37:27 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-12-13 17:37:27 ----A---- C:\Windows\system32\tzres.dll
2012-12-13 17:32:21 ----A---- C:\Windows\system32\win32k.sys
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-12-13 17:27:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-12-13 17:27:19 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-12-13 17:27:19 ----A---- C:\Windows\SYSWOW64\user.exe
2012-12-13 17:27:19 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-12-13 17:27:19 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-12-13 17:27:19 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-12-13 17:27:19 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-12-13 17:27:19 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-12-13 17:27:19 ----A---- C:\Windows\system32\wow64win.dll
2012-12-13 17:27:19 ----A---- C:\Windows\system32\wow64cpu.dll
2012-12-13 17:27:19 ----A---- C:\Windows\system32\wow64.dll
2012-12-13 17:27:19 ----A---- C:\Windows\system32\winsrv.dll
2012-12-13 17:27:19 ----A---- C:\Windows\system32\ntvdm64.dll
2012-12-13 17:27:19 ----A---- C:\Windows\system32\KernelBase.dll
2012-12-13 17:27:19 ----A---- C:\Windows\system32\kernel32.dll
2012-12-13 17:27:19 ----A---- C:\Windows\system32\conhost.exe
2012-12-13 17:27:06 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2012-12-13 17:27:06 ----A---- C:\Windows\system32\dpnet.dll
2012-12-12 17:15:51 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2012-12-09 08:19:01 ----D---- C:\ProgramData\Orbit
2012-12-09 08:08:34 ----D---- C:\Program Files (x86)\Far Cry 3
2012-12-08 11:01:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-12-07 19:26:22 ----SHD---- C:\Windows\ftpcache
2012-12-04 09:41:28 ----A---- C:\Windows\SYSWOW64\drivers\CFRMD.sys
2012-12-02 15:31:47 ----D---- C:\Users\Petr\AppData\Roaming\DivX
2012-12-02 14:41:22 ----A---- C:\Windows\system32\drivers\CLVirtualDrive.sys
2012-12-02 14:39:44 ----D---- C:\Program Files (x86)\DivX
2012-12-02 14:37:16 ----A---- C:\Windows\system32\drivers\CLBUDF.sys
2012-12-02 14:37:10 ----A---- C:\Windows\system32\drivers\CLBStor.sys
2012-12-01 19:29:10 ----D---- C:\Users\Petr\AppData\Roaming\CyberLink
2012-12-01 19:21:52 ----D---- C:\ProgramData\PDVD
2012-12-01 19:20:26 ----D---- C:\ProgramData\install_clap
2012-12-01 16:40:45 ----D---- C:\Users\Petr\AppData\Roaming\Corel
2012-12-01 16:40:45 ----D---- C:\ProgramData\Protexis
2012-12-01 16:40:16 ----HD---- C:\Windows\msdownld.tmp
2012-12-01 16:39:02 ----D---- C:\ProgramData\Corel
2012-11-25 15:13:43 ----D---- C:\ProgramData\RELOADED
2012-11-24 07:59:01 ----D---- C:\Users\Petr\AppData\Roaming\Apple Computer

======List of files/folders modified in the last 1 month======

2012-12-23 13:02:58 ----D---- C:\Windows\Temp
2012-12-23 13:02:58 ----D---- C:\Windows\Prefetch
2012-12-23 13:02:58 ----D---- C:\Program Files\trend micro
2012-12-23 12:31:13 ----D---- C:\Windows\system32\config
2012-12-23 08:23:50 ----A---- C:\Windows\SYSWOW64\log.txt
2012-12-23 08:21:54 ----D---- C:\ProgramData\PDFC
2012-12-23 08:21:32 ----D---- C:\ProgramData\NVIDIA
2012-12-23 08:21:22 ----D---- C:\ProgramData\truesuite
2012-12-22 17:59:08 ----D---- C:\Windows\SysWOW64
2012-12-22 17:59:06 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-12-22 15:10:40 ----AD---- C:\Windows
2012-12-22 12:17:06 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Pro
2012-12-22 12:17:05 ----D---- C:\Users\Petr\AppData\Roaming\Media Player Classic
2012-12-22 12:17:03 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
2012-12-22 12:07:16 ----D---- C:\Windows\inf
2012-12-22 12:07:14 ----D---- C:\Windows\Logs
2012-12-22 12:07:14 ----D---- C:\Windows\debug
2012-12-22 12:05:11 ----D---- C:\Windows\SYSWOW64\drivers
2012-12-22 12:04:31 ----SHD---- C:\Windows\Installer
2012-12-22 12:04:31 ----HD---- C:\Config.Msi
2012-12-22 12:04:28 ----D---- C:\Program Files (x86)\Comodo
2012-12-22 12:04:28 ----D---- C:\Program Files (x86)\Common Files
2012-12-22 12:04:18 ----HD---- C:\ProgramData
2012-12-22 12:04:18 ----D---- C:\Program Files\COMODO
2012-12-22 12:00:23 ----D---- C:\ProgramData\Comodo
2012-12-22 08:24:39 ----D---- C:\Windows\system32\catroot2
2012-12-22 08:24:09 ----D---- C:\Windows\winsxs
2012-12-22 08:23:09 ----D---- C:\Windows\System32
2012-12-21 20:11:30 ----D---- C:\Windows\system32\catroot
2012-12-21 20:11:16 ----SHD---- C:\System Volume Information
2012-12-21 19:32:58 ----RD---- C:\Program Files (x86)
2012-12-21 19:10:46 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2012-12-21 14:26:53 ----D---- C:\ProgramData\CyberLink
2012-12-21 12:03:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-12-21 09:29:42 ----D---- C:\Program Files (x86)\Activision
2012-12-16 11:48:08 ----D---- C:\VueScan
2012-12-15 17:37:07 ----D---- C:\Windows\Tasks
2012-12-15 17:37:07 ----D---- C:\Windows\system32\Tasks
2012-12-14 19:21:39 ----D---- C:\Windows\rescache
2012-12-14 17:22:50 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-12-14 17:22:50 ----D---- C:\Windows\system32\cs-CZ
2012-12-14 17:22:47 ----D---- C:\Windows\AppPatch
2012-12-14 17:22:46 ----D---- C:\Windows\SYSWOW64\migration
2012-12-14 17:22:46 ----D---- C:\Windows\system32\migration
2012-12-14 17:22:46 ----D---- C:\Program Files (x86)\Internet Explorer
2012-12-14 17:22:45 ----D---- C:\Program Files\Internet Explorer
2012-12-13 21:03:00 ----D---- C:\ProgramData\Microsoft Help
2012-12-13 21:01:33 ----A---- C:\Windows\system32\MRT.exe
2012-12-13 16:44:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-12-12 20:05:34 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-12-12 19:31:00 ----D---- C:\Windows\system32\FxsTmp
2012-12-10 17:44:58 ----D---- C:\RTSStavitel
2012-12-09 08:20:59 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2012-12-02 15:52:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-12-02 15:52:33 ----D---- C:\Program Files (x86)\Cyberlink
2012-12-02 15:48:44 ----D---- C:\Users\Petr\AppData\Roaming\Smarty Uninstaller
2012-12-02 14:45:10 ----D---- C:\ProgramData\Temp
2012-12-02 14:43:35 ----RSD---- C:\Windows\Fonts
2012-12-02 14:41:22 ----DC---- C:\Windows\system32\DRVSTORE
2012-12-02 14:41:22 ----D---- C:\Windows\system32\drivers
2012-12-01 18:34:43 ----A---- C:\Windows\SYSWOW64\msxml3a.dll
2012-12-01 18:34:42 ----A---- C:\Windows\SYSWOW64\msvcp71.dll
2012-12-01 16:57:52 ----D---- C:\Windows\system32\NDF
2012-12-01 16:40:44 ----D---- C:\Users\Petr\AppData\Roaming\Ulead Systems
2012-12-01 16:38:01 ----D---- C:\Program Files (x86)\Corel
2012-12-01 16:37:51 ----RSD---- C:\Windows\assembly
2012-11-28 15:41:44 ----D---- C:\Program Files (x86)\Pinnacle

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2012-02-12 132704]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2011-04-26 557848]
R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-01-03 530488]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-12-11 129216]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2012-09-24 27800]
R1 CLBStor;InstantBurn Storage Helper Driver; C:\Windows\system32\DRIVERS\CLBStor.sys [2012-02-02 24560]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-26 90608]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-11-08 584056]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-11-08 38144]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-05 271424]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 31400]
R1 ElRawDisk;ElRawDisk; \??\C:\Windows\system32\drivers\ElRawDsk.sys [2008-12-09 23464]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2012-11-08 94288]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-12-11 99912]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2011-10-27 82928]
R3 appliandMP;appliandMP; C:\Windows\system32\DRIVERS\appliand.sys [2010-06-24 33888]
R3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS [2011-01-14 19088]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-03-03 174184]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-06-10 528384]
R3 tihub3;TI USB3 Hub Service; C:\Windows\system32\drivers\tihub3.sys [2011-04-21 131656]
R3 tixhci;TI XHCI Service; C:\Windows\system32\drivers\tixhci.sys [2011-04-21 399944]
S1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys []
S2 CLBUDFbk;CyberLink InstantBurn UDF Filesystem; C:\Windows\system32\drivers\CLBUDFbk.sys []
S3 appliand;Applian Network Service; C:\Windows\system32\DRIVERS\appliand.sys [2010-06-24 33888]
S3 AVerPola;AVerMedia USB Polaris Series Capture Service; C:\Windows\system32\DRIVERS\AVerPola.sys [2011-01-04 534144]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 OxPPort;OxPPort; C:\Windows\system32\drivers\OxPPort.sys [2008-07-31 98304]
S3 OxSer;OxSer; C:\Windows\system32\drivers\OxSer.sys [2009-09-16 98352]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pmxdrv;pmxdrv; \??\C:\Windows\system32\drivers\pmxdrv.sys [2011-11-03 31152]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2010-07-01 224488]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2010-07-01 39016]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-12-11 109344]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-11 85280]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-03-22 87928]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe [2012-11-01 70352]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 2828408]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-03-22 75640]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-03-22 296824]
R2 DUMeterSvc;DU Meter Service; C:\Program Files (x86)\DU Meter\DUMeterSvc.exe [2009-03-13 552052]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-06-09 264008]
R2 GeekBuddyRSP;GeekBuddy Remote Screen Protocol; C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe [2012-10-31 1467088]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 ioloSystemService;iolo System Service; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2012-01-06 722616]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
R2 KMService;KMService; C:\Windows\syswow64\srvany.exe [2012-07-17 8192]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-03-30 1005160]
R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2011-06-29 3246920]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-05-06 1128952]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-12-09 76888]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [2012-05-10 247152]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-06-10 302592]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-03-30 378472]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-03 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-12 250808]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-03 116648]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-12-08 115168]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-11-19 489256]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Zdravim

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

OTL logfile created on: 12/24/2012 11:43:26 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petr\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

15.98 Gb Total Physical Memory | 13.45 Gb Available Physical Memory | 84.14% Memory free
31.96 Gb Paging File | 29.24 Gb Available in Paging File | 91.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 500.00 Gb Total Space | 202.99 Gb Free Space | 40.60% Space Free | Partition Type: NTFS
Drive D: | 9.06 Gb Total Space | 1.10 Gb Free Space | 12.17% Space Free | Partition Type: NTFS
Drive J: | 6.61 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive L: | 422.35 Gb Total Space | 87.16 Gb Free Space | 20.64% Space Free | Partition Type: NTFS

Computer Name: PETR-HP | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012/12/24 11:38:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
PRC - [2012/12/21 19:33:41 | 001,354,736 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/12/11 18:10:47 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/12/11 18:08:16 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/12/11 18:08:15 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/12/09 08:20:59 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/12/08 11:01:21 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/11/01 08:52:54 | 000,875,728 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
PRC - [2012/11/01 08:52:52 | 000,877,264 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
PRC - [2012/11/01 08:52:52 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
PRC - [2012/10/31 15:46:38 | 001,467,088 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
PRC - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/17 18:23:39 | 000,151,552 | ---- | M] () -- C:\Windows\KMService.exe
PRC - [2012/07/17 18:23:39 | 000,008,192 | ---- | M] () -- C:\Windows\SysWOW64\srvany.exe
PRC - [2012/03/22 03:12:55 | 000,296,824 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
PRC - [2012/03/22 03:12:51 | 000,075,640 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
PRC - [2012/03/22 03:12:49 | 000,087,928 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
PRC - [2012/03/22 02:51:05 | 000,371,256 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Cyberlink\PowerDVD12\PowerDVD12Agent.exe
PRC - [2012/01/06 11:26:06 | 000,722,616 | ---- | M] (iolo technologies, LLC) -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2011/10/28 02:27:11 | 000,107,816 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Cyberlink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2011/08/17 08:29:20 | 004,527,424 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
PRC - [2011/08/17 08:28:14 | 003,120,448 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2011/06/09 13:37:18 | 000,264,008 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/06/09 13:37:00 | 000,653,128 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/06/09 13:36:34 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011/05/06 00:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011/03/30 08:41:10 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/02/24 08:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011/02/01 08:41:24 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 08:41:20 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/11/17 21:29:20 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2010/02/11 18:07:54 | 000,710,656 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
PRC - [2009/07/02 22:58:40 | 000,406,016 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
PRC - [2009/05/09 00:39:48 | 002,068,992 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
PRC - [2009/05/09 00:11:00 | 002,068,992 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
PRC - [2009/03/13 13:13:13 | 001,216,931 | ---- | M] (Hagel Technologies Ltd.) -- C:\Program Files (x86)\DU Meter\DUMeter.exe
PRC - [2009/03/13 13:13:13 | 000,552,052 | ---- | M] (Hagel Technologies Ltd.) -- C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
PRC - [2009/02/28 03:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
PRC - [2008/11/20 18:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

========== Modules (No Company Name) ==========

MOD - [2012/12/21 20:08:54 | 000,647,168 | ---- | M] () -- C:\Program Files (x86)\Steam\sdl.dll
MOD - [2012/12/21 20:08:44 | 020,320,240 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/12/21 20:08:44 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/12/21 20:08:44 | 000,969,280 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/12/21 20:08:44 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/12/21 20:08:44 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/12/08 11:01:20 | 002,397,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/03/22 02:47:22 | 000,075,048 | ---- | M] () -- C:\Program Files (x86)\Cyberlink\PowerDVD12\subsys\DLNA\DMS\_PyDMSCtrl.pyd
MOD - [2011/10/28 09:27:12 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\Cyberlink\Power2Go8\CLMLSvcPS.dll
MOD - [2011/10/28 02:27:11 | 000,623,912 | ---- | M] () -- C:\Program Files (x86)\Cyberlink\Power2Go8\CLMediaLibrary.dll
MOD - [2011/08/24 03:39:11 | 000,655,360 | ---- | M] () -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Common\Koan\_ssl.pyd
MOD - [2011/08/24 03:39:11 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Common\Koan\_ctypes.pyd
MOD - [2011/08/24 03:39:11 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Common\Koan\_socket.pyd
MOD - [2011/03/30 08:40:56 | 000,237,160 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/07/02 22:58:40 | 000,406,016 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
MOD - [2009/02/28 03:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
MOD - [2009/02/20 01:22:50 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\WMINPUT.dll

========== Services (SafeList) ==========

SRV:64bit: - [2012/11/08 00:37:39 | 002,828,408 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2011/06/29 17:25:12 | 003,246,920 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV:64bit: - [2011/06/10 11:35:04 | 000,302,592 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/10/11 10:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/03/03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012/12/12 20:05:35 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/11 18:10:47 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/12/11 18:08:16 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/12/09 08:20:59 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/12/08 11:01:20 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/19 17:03:24 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/11/01 08:52:52 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe -- (CLPSLauncher)
SRV - [2012/10/31 15:46:38 | 001,467,088 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe -- (GeekBuddyRSP)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/17 18:23:39 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2012/03/22 03:12:55 | 000,296,824 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service)
SRV - [2012/03/22 03:12:51 | 000,075,640 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service)
SRV - [2012/03/22 03:12:49 | 000,087,928 | ---- | M] (CyberLink Corp.) [Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12)
SRV - [2012/01/06 11:26:06 | 000,722,616 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/06/09 13:37:18 | 000,264,008 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011/05/06 00:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011/03/30 08:41:10 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/02/24 08:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011/02/01 08:41:24 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 08:41:20 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/13 13:13:13 | 000,552,052 | ---- | M] (Hagel Technologies Ltd.) [Auto | Running] -- C:\Program Files (x86)\DU Meter\DUMeterSvc.exe -- (DUMeterSvc)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/12/11 18:11:20 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/12/11 18:11:20 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/09/24 08:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/12 15:41:27 | 000,132,704 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2012/02/05 18:12:37 | 000,271,424 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/02/02 17:28:38 | 000,024,560 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLBStor.sys -- (CLBStor)
DRV:64bit: - [2012/01/03 12:20:01 | 000,530,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/12/26 21:37:42 | 000,090,608 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2011/11/03 23:48:05 | 000,031,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv)
DRV:64bit: - [2011/11/03 23:29:55 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/11/03 23:29:55 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/07/13 13:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)
DRV:64bit: - [2011/07/13 13:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)
DRV:64bit: - [2011/06/10 11:35:04 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/06/08 09:22:34 | 000,268,416 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\OEMDrv.sys -- (X86BDA)
DRV:64bit: - [2011/04/26 20:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/22 11:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/21 13:07:22 | 000,399,944 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tixhci.sys -- (tixhci)
DRV:64bit: - [2011/04/21 13:07:22 | 000,131,656 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tihub3.sys -- (tihub3)
DRV:64bit: - [2011/03/03 18:59:20 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/01/04 06:47:50 | 000,534,144 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVerPola.sys -- (AVerPola)
DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/19 12:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/07/01 12:09:50 | 000,224,488 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV:64bit: - [2010/07/01 12:09:50 | 000,039,016 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV:64bit: - [2010/06/24 13:46:14 | 000,033,888 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\appliand.sys -- (appliandMP)
DRV:64bit: - [2010/06/24 13:46:14 | 000,033,888 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appliand.sys -- (appliand)
DRV:64bit: - [2009/09/16 08:37:14 | 000,098,352 | ---- | M] (OEM) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\OxSer.sys -- (OxSer)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/02/17 18:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2008/12/09 09:59:28 | 000,023,464 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV:64bit: - [2008/07/31 12:13:26 | 000,098,304 | ---- | M] (OEM) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\OxPPort.sys -- (OxPPort)
DRV:64bit: - [2007/02/16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV:64bit: - [2005/09/23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2012/12/04 09:41:28 | 000,037,976 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\CFRMD.sys -- (CFRMD)
DRV - [2011/10/27 07:18:45 | 000,082,928 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12)
DRV - [2011/01/14 07:53:54 | 000,019,088 | ---- | M] (Hagel Technologies Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\DU Meter\DUMetr64.sys -- (DUMeterDrv)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007/02/16 01:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDF
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDF
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE:64bit: - HKLM\..\SearchScopes\{C775F041-F3DB-43DF-8DA5-CF6BABF0AD2E}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDF
IE - HKLM\..\SearchScopes,DefaultScope = Yandex
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE - HKLM\..\SearchScopes\{C775F041-F3DB-43DF-8DA5-CF6BABF0AD2E}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE - HKLM\..\SearchScopes\Yandex: "URL" = http://yandex.ru/yandsearch?clid=193835 ... earchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.cz/
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\..\SearchScopes,DefaultScope = {0388404D-6072-4CEB-B521-8F090FEAEE57}
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://us.search.yahoo.com/search?p={se ... chr-comodo
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\..\SearchScopes\{C775F041-F3DB-43DF-8DA5-CF6BABF0AD2E}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\..\SearchScopes\Moikrug: "URL" = http://moikrug.ru/persons/?clid=193835& ... ubmitted=1
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\..\SearchScopes\Yandex: "URL" = http://yandex.ru/yandsearch?clid=193835 ... earchTerms}
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4
FF - prefs.js..extensions.enabledAddons: %7B85E85FF9-E50C-42DE-8A3D-61485FD6C8DB%7D:2.0
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.12
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..keyword.URL: "http://us.search.yahoo.com/search?fr=ytff-comodo&p="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/12/06 19:32:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/12/09 19:11:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/08 11:01:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/12/12 17:15:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/12/06 19:32:39 | 000,000,000 | ---D | M]

[2012/03/25 08:25:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Extensions
[2012/12/20 09:37:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions
[2012/07/22 15:54:23 | 000,000,000 | ---D | M] (WebTran) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
[2012/11/29 19:00:21 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012/03/25 08:25:33 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012/11/21 18:45:14 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/12/20 09:37:37 | 000,000,000 | ---D | M] (IDM CC) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com
[2012/11/24 08:58:06 | 000,000,000 | ---D | M] (ĐšĐ°ĐĽĐżĐ°Đ˝ĐµĐ˝Ń‚ "ĐĐ»ĐµĐĽĐµĐ˝Ń‚Ń‹ ĐŻĐ˝Đ´ĐµĐşŃĐ°") -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru
[2012/03/25 07:54:18 | 000,011,801 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}.xpi
[2012/03/25 08:25:31 | 000,002,515 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\searchplugins\Search_Results.xml
[2011/12/08 21:11:01 | 000,001,390 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\searchplugins\yahoo-zugo.xml
[2012/12/10 13:55:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/12/10 13:55:32 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com
[2012/12/08 11:01:21 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/20 10:34:24 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012/06/20 10:34:24 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012/03/25 08:25:31 | 000,002,515 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012/06/20 10:34:24 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012/06/20 10:34:24 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012/06/20 10:34:24 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://us.yahoo.com?fr=fpc-comodo

O1 HOSTS File: ([2012/04/09 07:10:11 | 000,000,352 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O2:64bit: - BHO: (no name) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - No CLSID value found.
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WebIE.dll ()
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WebIE.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\Cyberlink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP KEYBOARDx] C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE (Hewlett-Packard)
O4 - HKLM..\Run: [InstantBurn] C:\Program Files (x86)\Cyberlink\InstantBurn\Win2K\IBurn.exe (CyberLink Corporation.)
O4 - HKLM..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PowerDVD12Agent] C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001..\Run: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe (Hagel Technologies Ltd.)
O4 - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001..\Run: [Nektra OEAPI] File not found
O4 - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001..\Run: [OEXPRESS] File not found
O4 - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O9:64bit: - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files (x86)\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE_x64.dll ()
O9:64bit: - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files (x86)\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE_x64.dll ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files (x86)\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll ()
O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files (x86)\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9490A4DC-7FF1-4C1C-8FD3-4776EE72017E}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll) - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/11/12 16:57:17 | 000,000,076 | R--- | M] () - J:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{20a254c0-20e3-11e1-93e2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{20a254c0-20e3-11e1-93e2-806e6f6e6963}\Shell\AutoRun\command - "" = K:\Autorun.exe
O33 - MountPoints2\{94d5793d-5002-11e1-b420-3860774043b7}\Shell - "" = AutoRun
O33 - MountPoints2\{94d5793d-5002-11e1-b420-3860774043b7}\Shell\AutoRun\command - "" = J:\Setup.exe -- [2012/11/12 16:57:17 | 001,132,674 | R--- | M] (Activision )
O33 - MountPoints2\{ad9533c1-6de5-11e1-9d9b-3860774043b7}\Shell - "" = AutoRun
O33 - MountPoints2\{ad9533c1-6de5-11e1-9d9b-3860774043b7}\Shell\AutoRun\command - "" = M:\iStudio.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\Setup.exe -- [2012/11/12 16:57:17 | 001,132,674 | R--- | M] (Activision )
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.tscc - C:\Windows\SysWOW64\tsccvid64.dll (TechSmith Corporation)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.dvacm_vspx5 - c:\Program Files (x86)\Corel\Corel VideoStudio Ultimate X5\Common Files\VIO\DVACM.acm (Corel TW Corp.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\SysWow64\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.tscc - C:\Windows\SysWOW64\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012/12/24 11:39:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
[2012/12/22 12:04:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Comodo
[2012/12/22 12:04:18 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA
[2012/12/21 20:11:22 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/12/21 20:11:22 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/12/21 20:11:22 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/12/21 20:11:22 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/12/21 19:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/12/21 19:32:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012/12/21 19:02:41 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\dvdcss
[2012/12/20 14:32:20 | 000,000,000 | ---D | C] -- C:\Users\Petr\Documents\FLiNGTrainer
[2012/12/19 08:01:20 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\TeamViewer
[2 C:\Users\Petr\Documents\*.tmp files -> C:\Users\Petr\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012/12/24 11:44:51 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/12/24 11:38:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
[2012/12/24 11:03:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/24 10:54:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/24 09:17:36 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/12/24 09:17:36 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/12/24 08:43:15 | 000,027,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/24 08:43:15 | 000,027,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/24 08:35:44 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/24 08:35:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/24 08:35:36 | 4279,484,414 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/24 08:35:35 | 001,086,325 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor
[2012/12/23 17:53:49 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/12/22 12:04:28 | 000,002,045 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2012/12/22 08:23:38 | 000,522,840 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/21 19:33:00 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/12/21 12:03:01 | 001,576,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/21 12:03:01 | 000,666,194 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012/12/21 12:03:01 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/21 12:03:01 | 000,139,890 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012/12/21 12:03:01 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/21 09:39:29 | 000,002,179 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Black Ops II.lnk
[2012/12/20 09:18:28 | 000,048,532 | ---- | M] () -- C:\Users\Petr\Desktop\riozdenek@juno.com.pdf
[2012/12/18 13:12:21 | 000,000,047 | ---- | M] () -- C:\trl.cfg
[2 C:\Users\Petr\Documents\*.tmp files -> C:\Users\Petr\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/24 11:44:51 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/12/22 12:04:28 | 000,002,045 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2012/12/21 19:33:00 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/12/21 09:39:29 | 000,002,179 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Black Ops II.lnk
[2012/12/20 09:16:49 | 000,048,532 | ---- | C] () -- C:\Users\Petr\Desktop\riozdenek@juno.com.pdf
[2012/12/18 13:12:11 | 000,000,047 | ---- | C] () -- C:\trl.cfg
[2012/07/17 18:25:49 | 000,151,552 | ---- | C] () -- C:\Windows\KMService.exe
[2012/07/17 18:25:49 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2012/03/25 10:44:09 | 000,004,972 | ---- | C] () -- C:\ProgramData\ojobkspa.ako
[2012/02/11 11:05:01 | 000,007,605 | ---- | C] () -- C:\Users\Petr\AppData\Local\Resmon.ResmonCfg
[2012/02/08 15:56:53 | 000,000,956 | ---- | C] () -- C:\ProgramData\repository.xml
[2012/02/08 14:35:31 | 000,000,012 | ---- | C] () -- C:\Windows\Ulead32.ini
[2012/01/28 08:38:50 | 000,209,040 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll
[2012/01/28 08:38:50 | 000,204,944 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll
[2012/01/28 08:38:50 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll
[2012/01/28 08:38:50 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll
[2012/01/28 08:38:50 | 000,192,656 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll
[2012/01/28 08:38:50 | 000,024,720 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll
[2012/01/18 16:52:55 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/01/04 10:12:30 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2011/12/16 18:50:32 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/12/16 18:50:29 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/12/14 17:33:34 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/12/14 17:32:36 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2011/12/11 18:02:15 | 000,000,034 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2011/12/10 12:18:19 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2011/12/08 21:10:46 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/12/08 21:10:45 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/12/08 21:10:45 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/12/08 21:10:45 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/12/06 19:24:19 | 000,235,283 | ---- | C] () -- C:\Windows\hpwins26.dat
[2011/11/03 23:48:50 | 000,002,792 | ---- | C] () -- C:\Program Files\HP SimplePass 2011
[2011/06/21 08:07:00 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2011/02/11 21:29:00 | 001,554,840 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/11/20 19:43:48 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\.RTS
[2012/03/25 09:05:07 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\avidemux
[2012/12/22 12:17:06 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DAEMON Tools Pro
[2011/12/26 14:43:45 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Database
[2012/03/16 07:57:10 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DMCache
[2011/12/11 09:19:05 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DVDFab
[2012/03/25 08:25:44 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\FreeFLVConverter
[2012/03/27 15:54:22 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Garmin
[2011/12/18 04:07:33 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GHISLER
[2012/02/08 18:49:05 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Haenlein-Software
[2012/03/03 13:03:25 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\iolo
[2012/08/04 18:30:53 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\LangSoft
[2012/02/07 20:49:15 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\LEAPS
[2012/03/25 10:44:11 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\MOVAVI
[2012/03/25 11:11:02 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Movavi Video Converter 10
[2011/12/11 15:58:29 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Music Label
[2012/03/25 08:07:47 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Nuclear Coffee
[2012/03/25 10:44:11 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Opera
[2012/02/09 10:50:07 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Publish Providers
[2011/12/16 18:50:28 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\PunkBuster
[2012/03/24 19:43:51 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Replay Media Catcher 4
[2012/12/02 15:48:44 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Smarty Uninstaller
[2012/03/24 17:19:46 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\SoftGate
[2012/12/15 19:21:09 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Stellarium
[2012/12/19 08:01:20 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\TeamViewer
[2012/01/24 19:26:26 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Thinstall
[2011/12/06 21:13:24 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Thunderbird
[2012/12/01 16:40:44 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Ulead Systems
[2012/12/23 17:43:23 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\uTorrent
[2011/12/18 09:07:49 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\vghd
[2011/12/09 14:22:09 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\VitySoft
[2012/02/02 17:38:49 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\WinBatch
[2012/03/25 17:07:47 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Yandex

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 06:08:49 | 000,032,582 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/04/02 06:31:33 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012/05/03 15:39:47 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/05/03 15:39:48 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/06/13 17:38:49 | 000,000,328 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForPetr.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/11/03 23:27:26 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/11/03 23:27:26 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/11/03 23:27:26 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/11/03 23:27:26 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/11/03 23:27:26 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/11/03 23:27:26 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012/10/03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012/10/03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011/09/29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012/08/22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011/11/03 23:25:10 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2012/03/30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011/11/03 23:25:10 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2012/10/03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012/08/22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011/09/29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp files -> C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/11/20 19:43:48 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\.RTS
[2012/11/23 15:22:36 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Adobe
[2012/11/24 07:59:01 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Apple Computer
[2012/03/25 09:05:07 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\avidemux
[2012/10/16 14:18:41 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Avira
[2012/12/01 16:40:45 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Corel
[2012/12/09 08:02:35 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\CyberLink
[2012/12/22 12:17:06 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DAEMON Tools Pro
[2011/12/26 14:43:45 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Database
[2012/12/02 15:31:47 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DivX
[2012/03/16 07:57:10 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DMCache
[2012/12/21 19:10:25 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\dvdcss
[2011/12/11 09:19:05 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DVDFab
[2012/03/25 08:25:44 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\FreeFLVConverter
[2012/03/27 15:54:22 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Garmin
[2011/12/18 04:07:33 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GHISLER
[2012/02/08 18:49:05 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Haenlein-Software
[2011/12/14 15:11:08 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Hewlett-Packard
[2011/12/09 20:06:17 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\HP
[2012/11/15 17:32:27 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\hpqLog
[2011/12/06 19:12:46 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Identities
[2012/02/10 07:48:42 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\InstallShield
[2012/03/03 13:03:25 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\iolo
[2012/08/04 18:30:53 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\LangSoft
[2012/02/07 20:49:15 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\LEAPS
[2011/12/06 19:29:23 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Macromedia
[2011/12/10 15:51:28 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Malwarebytes
[2010/11/21 08:16:58 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Media Center Programs
[2012/12/22 12:17:05 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Media Player Classic
[2012/06/15 06:23:24 | 000,000,000 | --SD | M] -- C:\Users\Petr\AppData\Roaming\Microsoft
[2012/03/25 10:44:11 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\MOVAVI
[2012/03/25 11:11:02 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Movavi Video Converter 10
[2011/12/07 21:03:31 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Mozilla
[2011/12/11 15:58:29 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Music Label
[2012/02/11 10:56:03 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Nero
[2012/03/25 08:07:47 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Nuclear Coffee
[2011/12/11 09:11:55 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\NVIDIA
[2012/03/25 10:44:11 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Opera
[2012/02/09 10:50:07 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Publish Providers
[2011/12/16 18:50:28 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\PunkBuster
[2012/03/24 19:43:51 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Replay Media Catcher 4
[2012/12/02 15:48:44 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Smarty Uninstaller
[2012/03/24 17:19:46 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\SoftGate
[2012/12/15 19:21:09 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Stellarium
[2011/12/06 19:06:55 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Symantec
[2012/12/19 08:01:20 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\TeamViewer
[2012/01/24 19:26:26 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Thinstall
[2011/12/06 21:13:24 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Thunderbird
[2012/12/01 16:40:44 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Ulead Systems
[2012/12/23 17:43:23 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\uTorrent
[2011/12/18 09:07:49 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\vghd
[2011/12/09 14:22:09 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\VitySoft
[2012/12/21 19:10:46 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\vlc
[2012/02/02 17:38:49 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\WinBatch
[2011/12/06 20:57:33 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\WinRAR
[2012/03/25 17:07:47 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Yandex

< %APPDATA%\*.exe /s >
[2012/02/17 15:21:04 | 000,029,926 | R--- | M] () -- C:\Users\Petr\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
[2011/12/21 08:04:30 | 000,010,134 | R--- | M] () -- C:\Users\Petr\AppData\Roaming\Microsoft\Installer\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}\ARPPRODUCTICON.exe
[2011/02/24 16:07:45 | 000,835,440 | R--- | M] () -- C:\Users\Petr\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012/12/24 11:03:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012/12/24 08:35:44 | 000,000,944 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/12/24 11:54:00 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/12/16 09:02:53 | 000,000,328 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleForPetr.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012/12/24 08:38:14 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[2012/12/23 17:53:49 | 000,281,688 | ---- | M] () -- C:\Windows\system32\PnkBstrB.ex0
[2012/12/24 09:17:36 | 000,281,688 | ---- | M] () -- C:\Windows\system32\PnkBstrB.exe
[2012/12/24 09:17:36 | 000,281,688 | ---- | M] () -- C:\Windows\system32\PnkBstrB.xtr

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DU Meter" = C:\Program Files (x86)\DU Meter\DUMeter.exe -- [2009/03/13 13:13:13 | 001,216,931 | ---- | M] (Hagel Technologies Ltd.)
"Nektra OEAPI" =
"OEXPRESS" =
"DAEMON Tools Pro Agent" = "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun -- [2011/08/17 08:29:20 | 004,527,424 | ---- | M] (DT Soft Ltd)
"Steam" = "C:\Program Files (x86)\Steam\Steam.exe" -silent -- [2012/12/21 19:33:41 | 001,354,736 | ---- | M] (Valve Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012/12/08 11:01:21 | 000,916,960 | ---- | M] (Mozilla Corporation) MD5=5744FFF8E72D105C138DAE9E17BB29FE -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012/11/14 03:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=0D286C0FE561D1A7EB30E83A0FF305B2 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/12/24 11:44:51 | 000,000,512 | ---- | M] () MD5=9B84917725C2B0E18404B0D29FC0931A -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010/11/09 08:49:48 | 040,868,256 | ---- | M] () -- \Program Files (x86)\Activision\Call of Duty - Black Ops\zone\Common\mp_cracked.ff
[2010/11/09 08:49:48 | 000,019,296 | ---- | M] () -- \Program Files (x86)\Activision\Call of Duty - Black Ops\zone\English\en_mp_cracked.ff
[2011/12/27 10:11:31 | 000,000,762 | ---- | M] () -- \Users\Petr\AppData\Roaming\Smarty Uninstaller\Icons\RAR Password Cracker16.png
[2011/12/27 10:11:31 | 000,001,832 | ---- | M] () -- \Users\Petr\AppData\Roaming\Smarty Uninstaller\Icons\RAR Password Cracker32.png
[2011/12/26 16:12:48 | 000,000,733 | ---- | M] () -- \Users\Petr\AppData\Roaming\uTorrent\RAR Password Cracker v4.12.torrent
[2012/11/02 07:51:14 | 000,005,369 | ---- | M] () -- \Users\Petr\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp

< *keygen* /s >

< *loader* /s >
[2012/06/26 22:12:26 | 000,061,720 | ---- | M] () -- \Program Files (x86)\2K Games\Spec Ops The Line\Binaries\Win32\PhysXLocal\PhysXLoader.dll
[2010/11/15 21:02:32 | 000,013,785 | ---- | M] () -- \Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\WebPublish\BootStrapLoader.swf
[2012/12/11 18:08:44 | 000,052,512 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.dll
[2012/12/11 18:08:50 | 000,232,224 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.exe
[2012/12/11 18:09:03 | 001,713,952 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloadergui.dll
[2012/10/11 21:56:32 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2010/10/07 04:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010/10/07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2009/01/04 19:53:08 | 000,002,945 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Ultimate X5\accLoader.ini
[2012/01/19 05:47:30 | 000,166,768 | ---- | M] () -- \Program Files (x86)\Corel\Corel VideoStudio Ultimate X5\VimeoUploader.dll
[2012/03/14 13:30:08 | 000,124,200 | ---- | M] () -- \Program Files (x86)\Cyberlink\MediaShow6\Koan\pyloader.dll
[2012/03/14 13:03:46 | 002,475,304 | ---- | M] () -- \Program Files (x86)\Cyberlink\MediaShow6\subsys\CES\CES_3DLoaderFBX.dll
[2012/03/14 13:26:13 | 000,022,474 | ---- | M] () -- \Program Files (x86)\Cyberlink\MediaShow6\subsys\DataCenter\ImageLoader.kc
[2010/12/24 07:00:58 | 000,167,720 | ---- | M] () -- \Program Files (x86)\Cyberlink\Power2Go8\runtime\CES\PlugIn\CES_3DLoaderC3S.dll
[2010/12/24 07:00:58 | 002,525,480 | ---- | M] () -- \Program Files (x86)\Cyberlink\Power2Go8\runtime\CES\PlugIn\CES_3DLoaderFBX.dll
[2012/03/22 02:51:05 | 000,000,034 | ---- | M] () -- \Program Files (x86)\Cyberlink\PowerDVD12\ComLoader.ini
[2012/03/22 03:15:27 | 000,124,792 | ---- | M] () -- \Program Files (x86)\Cyberlink\PowerDVD12\Common\Koan\pyloader.dll
[2012/02/01 04:40:50 | 000,018,123 | ---- | M] () -- \Program Files (x86)\Cyberlink\PowerDVD12\MediaEspresso\subsys\DataCenter\ImageLoader.kc
[2012/03/19 09:30:49 | 000,028,102 | ---- | M] () -- \Program Files (x86)\Cyberlink\PowerDVD12\Movie\PK\subsys\PyImpLoader\PyImpLoader.kc
[2012/03/19 09:30:49 | 000,120,104 | ---- | M] () -- \Program Files (x86)\Cyberlink\PowerDVD12\Movie\PK\subsys\PyImpLoader\_PyImpLoader.pyd
[2012/02/22 10:11:05 | 000,012,502 | ---- | M] () -- \Program Files (x86)\Cyberlink\PowerDVD12\Movie\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2012/02/10 06:37:06 | 000,012,022 | ---- | M] () -- \Program Files (x86)\Cyberlink\PowerDVD12\Movie\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2012/03/22 02:50:09 | 000,022,767 | ---- | M] () -- \Program Files (x86)\Cyberlink\PowerDVD12\subsys\DataCenter\ImageLoader.kc
[2012/03/22 02:50:11 | 000,007,943 | ---- | M] () -- \Program Files (x86)\Cyberlink\PowerDVD12\subsys\NetService\netThumbLoader.kc
[2012/03/22 02:50:18 | 000,001,566 | ---- | M] () -- \Program Files (x86)\Cyberlink\PowerDVD12\subsys\Video\D3D9Loader.kc
[2010/04/15 17:37:25 | 002,475,304 | ---- | M] () -- \Program Files (x86)\Cyberlink\Shared files\Plugin\6.0\CES_3DLoaderFBX.dll
[2012/05/10 11:00:00 | 002,533,752 | ---- | M] () -- \Program Files (x86)\Cyberlink\Shared files\Plugin\8.0\CES_3DLOADERFBX.DLL
[2010/10/10 17:02:42 | 000,132,096 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\Binaries\loader.dll
[2010/09/02 04:45:20 | 000,065,536 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\Binaries\PhysXLocal\PhysXLoader.dll
[2010/09/25 12:33:10 | 001,933,161 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp\loader-00.fbrb
[2010/09/25 12:33:11 | 005,968,346 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_01\loader-00.fbrb
[2010/09/25 12:33:12 | 005,755,952 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_02\loader-00.fbrb
[2010/09/25 12:33:19 | 055,099,465 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_03\loader-00.fbrb
[2010/09/25 12:33:19 | 002,954,487 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_04\loader-00.fbrb
[2010/09/25 12:33:25 | 047,101,846 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_05\loader-00.fbrb
[2010/09/25 12:33:32 | 050,561,194 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_06\loader-00.fbrb
[2010/09/25 12:33:39 | 055,282,402 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_07\loader-00.fbrb
[2010/09/25 12:33:46 | 049,203,256 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_08\loader-00.fbrb
[2010/09/25 12:33:52 | 047,279,340 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_09\loader-00.fbrb
[2010/09/25 12:33:59 | 049,418,362 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\common_mp_10\loader-00.fbrb
[2010/09/25 12:28:14 | 017,474,214 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_01\loader-00.fbrb
[2010/09/25 12:28:19 | 016,173,085 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_02\loader-00.fbrb
[2010/09/25 12:28:28 | 017,335,818 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_04\loader-00.fbrb
[2010/09/25 12:28:31 | 008,013,580 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_05_domination\loader-00.fbrb
[2010/09/25 12:28:32 | 008,013,580 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_05_overrun\loader-00.fbrb
[2010/09/25 12:28:33 | 008,007,355 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_05_tdm\loader-00.fbrb
[2010/09/25 12:28:35 | 008,004,561 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_06_domination\loader-00.fbrb
[2010/09/25 12:28:36 | 008,004,561 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_06_overrun\loader-00.fbrb
[2010/09/25 12:28:37 | 007,984,585 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_06_tdm\loader-00.fbrb
[2010/09/25 12:28:38 | 008,008,365 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_08_domination\loader-00.fbrb
[2010/09/25 12:28:38 | 008,008,365 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_08_overrun\loader-00.fbrb
[2010/09/25 12:28:41 | 008,022,594 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_08_tdm\loader-00.fbrb
[2010/09/25 12:28:42 | 007,967,707 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_09_domination\loader-00.fbrb
[2010/09/25 12:28:45 | 007,967,707 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_09_overrun\loader-00.fbrb
[2010/09/25 12:28:46 | 007,988,318 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_09_tdm\loader-00.fbrb
[2010/09/25 12:28:46 | 008,033,103 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_10_domination\loader-00.fbrb
[2010/09/25 12:28:48 | 008,033,103 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_10_overrun\loader-00.fbrb
[2010/09/25 12:28:49 | 008,018,170 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Medal of Honor\MP\dist\win32\levels\mp_10_tdm\loader-00.fbrb
[2012/11/28 14:24:28 | 000,067,584 | ---- | M] () -- \Program Files (x86)\Far Cry 3\bin\ubiorbitapi_r2_loader.dll
[2012/11/28 22:54:12 | 000,003,072 | ---- | M] () -- \Program Files (x86)\Far Cry 3\bin\uplay_r1_loader.dll
[2011/01/25 11:16:44 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe
[2011/01/25 11:11:12 | 000,005,974 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe.config
[2010/10/15 03:58:50 | 000,001,012 | ---- | M] () -- \Program Files (x86)\HP Games\onplay\downloader_bg_400.gif
[2009/05/21 20:21:18 | 000,007,507 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\HelpViewer\Resources\Loader.swf
[2009/05/21 21:54:18 | 000,030,776 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\smart web printing\RsrcLoaderLib.dll
[2009/05/21 21:54:18 | 000,002,713 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\smart web printing\MozillaAddOn3\xre\components\uriloader.xpt
[2009/05/31 11:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009/05/31 11:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012/02/27 22:58:46 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderLargeBlue.gif
[2012/02/27 22:58:46 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderLargeGrey.gif
[2012/02/27 22:58:46 | 000,001,737 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderSmallBlue.gif
[2012/02/27 22:58:46 | 000,001,737 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderSmallGold.gif
[2011/03/01 19:52:02 | 000,411,888 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\WTDownloader.exe
[2010/11/03 22:17:00 | 000,002,193 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\GamePlay_Loader.html
[2011/02/16 20:02:14 | 000,009,072 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Scripts\gameplay_loader.js
[2010/11/03 22:17:00 | 000,002,355 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Skins\default\gameplay_loader.css
[2010/10/07 04:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010/10/07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011/03/02 12:39:58 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2011/09/20 15:43:32 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2011/10/21 06:45:54 | 000,067,584 | ---- | M] () -- \RTSStavitel\Loader.exe
[2011/09/20 15:43:32 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2010/03/24 20:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 20:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012/10/04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012/10/04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/11/03 23:19:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011/11/03 23:19:51 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011/11/03 23:19:51 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011/11/03 23:19:51 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011/11/03 23:19:51 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011/11/03 23:25:45 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/11/03 23:25:45 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/11/03 23:25:45 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/11/03 23:25:45 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/11/03 23:25:45 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011/11/03 23:18:56 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010/11/21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/11/03 23:25:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/11/03 23:25:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll

========== Files - Unicode (All) ==========
[2011/11/22 18:20:00 | 000,000,103 | ---- | M] ()(\Users\Petr\Favorites\Download fóra\qiq.ru - ?????? ????????! ??? ??????? ????????? ? crack(????), ?????(warez) ? ??? ??????? ?????, ????.URL) -- \Users\Petr\Favorites\Download fóra\qiq.ru - Свежий интернет! где скачать программы с crack(кряк), варез(warez) и ещё скачать книги, игры.URL
[2008/10/09 19:20:48 | 000,000,833 | ---- | M] ()(\Users\Petr\Favorites\Oblíbené položky\Download fóra\qiq.ru - ?????? ????????! ??? ??????? ????????? ? crack(????), ?????(warez) ? ??? ??????? ?????, ????.url) -- \Users\Petr\Favorites\Oblíbené položky\Download fóra\qiq.ru - Свежий интернет! где скачать программы с crack(кряк), варез(warez) и ещё скачать книги, игры.url

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 24 bytes -> C:\Windows:71DB03982318C74E

< End of report >

OTL Extras logfile created on: 12/24/2012 11:43:26 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petr\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

15.98 Gb Total Physical Memory | 13.45 Gb Available Physical Memory | 84.14% Memory free
31.96 Gb Paging File | 29.24 Gb Available in Paging File | 91.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 500.00 Gb Total Space | 202.99 Gb Free Space | 40.60% Space Free | Partition Type: NTFS
Drive D: | 9.06 Gb Total Space | 1.10 Gb Free Space | 12.17% Space Free | Partition Type: NTFS
Drive J: | 6.61 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive L: | 422.35 Gb Total Space | 87.16 Gb Free Space | 20.64% Space Free | Partition Type: NTFS

Computer Name: PETR-HP | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0559C754-5070-4C86-B59F-3B9A7F4B647F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{0A622D2B-6A5A-4DDC-A625-AA21C6FEF2D6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{10C4A4DC-DC10-4D70-8DEE-4B5D2B3B2248}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{1E472DF2-242B-4735-9B40-E6A4821C6F4D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1E9A4980-A062-44F9-BD1D-499116080543}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{22D1AD76-29AB-456D-A816-486BAE43B047}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{41F95B4C-B7CF-4C93-9876-E6F642E122F5}" = lport=139 | protocol=6 | dir=in | app=system |
"{44F591F2-F3FD-451B-92E5-97708CE86D32}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4522E5A7-3BD6-4A16-9630-E398F4249D62}" = rport=137 | protocol=17 | dir=out | app=system |
"{4DC4EED1-5824-4A76-88E2-4A07842EFA72}" = rport=138 | protocol=17 | dir=out | app=system |
"{53FC2507-1FC9-4AEA-A0B4-C3AD0A2D5594}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5A950A4C-FEEF-4711-9321-5AE2BBA155D7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5E0BBD84-BAA0-4ECA-8BD7-3A83D14606ED}" = lport=3389 | protocol=6 | dir=in | app=system |
"{663D3784-6F16-4A98-8C04-C8B65092C6EC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6C959D38-C51C-4F18-84ED-BEE47CE8C126}" = rport=139 | protocol=6 | dir=out | app=system |
"{76BA8EFA-F53A-4A95-A34C-0B2F81393403}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7DD3FC32-5710-430B-908A-5A958137F0E2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8430D605-AFAC-4F78-90F2-1448A63785A5}" = lport=138 | protocol=17 | dir=in | app=system |
"{92139396-75E1-4703-B0E4-104862C8C67E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{968AB495-ECF2-4F34-A36F-8202AF183998}" = rport=445 | protocol=6 | dir=out | app=system |
"{988E6FCD-0EEA-48AF-8A93-C77188F84FDA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A36722CD-4E6F-4BD9-8914-A4778880F70D}" = lport=445 | protocol=6 | dir=in | app=system |
"{A6E990BA-A006-4038-BFA5-EF722F9E20E6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B9E754B5-EEF1-40FC-AC00-4FA0FE783F29}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{D58F93B0-9EA1-4E47-906C-AD8F4E4AC80C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F426F092-C9E7-449F-8713-B20F958DA16F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F9D8FDD9-4D83-47BC-843C-045379A9D0E7}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03430276-1352-4520-B811-E576D2A322D2}" = protocol=17 | dir=in | app=c:\program files (x86)\capcom\resident evil 5\re5dx9.exe |
"{0475F4A3-8052-4D66-B8F8-80E16830E080}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{0D420BE4-8FDE-4460-A266-957C6C8F4B63}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{0EC9CB11-304A-45D3-8CA2-17976A3D2973}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{0F40A0F1-A622-4013-8BD4-02CEB6E9C6EC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{173BFF9A-2B0E-43AE-89A7-390CB9F3B895}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{19AF50A2-CDFE-4DE8-86CE-BEB526C214B6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{1BB4C8F9-313D-4510-A3DC-EBE1007883CC}" = protocol=6 | dir=out | app=system |
"{2582A950-105C-4B74-B0EE-DC54F3DCE4B9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{297F49C7-7D7E-44FD-B422-F7B0CF0947DD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2A4889F1-AE6A-416F-9866-B729B652663B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2CB1A77F-0B5E-47FD-A3B4-B7419B0B8C34}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe |
"{2D271190-5B29-401B-A248-30B51B468805}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe |
"{3C920AC4-832A-40B3-B54C-3979D105981D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3E6402B3-26B1-4C1A-90CD-BC7679968350}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{40DC86C5-7BC1-4AA7-9F27-38ACA69E1DFD}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{434CFA65-E772-449B-A3A5-4015843C729B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{444B4F53-0E5D-4FB1-AD7C-16F58E505836}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{45B93E7A-ADBF-4203-BA1C-7ED3D6CBEE90}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{488B93E0-F4AB-43AA-9273-7D1D336B7C43}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{4B9A811B-EF68-4585-9878-F600043E7C4A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{4FEC2E0A-6AFF-47B3-B790-50F718EDA8FB}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe |
"{537E6822-EC26-4E2D-B421-A4712342A9CA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{5761A32F-29C9-4F83-A373-CE41A5B06804}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5B03C0B2-3CF7-4A26-AAD9-460EC99DEDFD}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{5E0B5D4B-655B-498E-A27A-8C8B005366D1}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{69054031-ABFA-45BC-BE80-F1603F76FA43}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{696FB94B-5F24-41F8-9939-2953A99C1046}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{6CF30D19-B8A1-4F54-81FE-2B568ADEA758}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{705CF5DA-D1D8-4AA6-8432-FE33EC7D0299}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{7392679B-6D14-46D5-80DA-A32AA9841725}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{7455F50B-F45D-408D-B3A3-FEE902400DF2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7DD574B8-37A4-4341-A7E1-5A1E1E2789F2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7F8964F6-60CF-41B5-BE5F-B68876923326}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{863020F7-C02F-444F-922E-1A8E0C2638F8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{8D34A94F-C1DE-4EA3-8FDD-F64171D0B771}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{962349A0-0D63-49E2-A7C6-E7C423C4C2D5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{96F15342-23F1-493E-B7DC-2B39D461C534}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{985FED90-7EF3-45F5-86EB-20D07DD35F32}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{99283C92-0DC2-40C1-98D5-3963B83AC41E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9BC59D0E-64CE-4E7E-A175-55A09A9DABE2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9FA4592F-AFC1-4E99-80E8-123C56F8D45D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{A213938E-5D39-417C-A572-4DBCF373278B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{A65988CB-6053-4AC6-B3B5-53546933DF5C}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{A9F87F5C-8847-4D44-A5D0-0553415E2E36}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{B466B0DE-6D2B-4087-A1A6-C5D3ADDA0097}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{BADAA6C9-FBBC-4A62-B75A-E02E72E470D0}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{BB6CA16D-369A-4F4C-B4AC-2C29337C9EA2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{BDB780C2-2A43-46B2-9065-364FBFB5C68A}" = protocol=6 | dir=in | app=c:\program files (x86)\windows searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{C1F51386-2F14-4823-ABA7-F66DFE15AE0B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe |
"{C289F91F-4809-45DD-9613-AC1E3D1F07D4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe |
"{C95A5834-7BDF-474D-A04E-B91E75B517F3}" = protocol=6 | dir=in | app=c:\program files (x86)\capcom\resident evil 5\re5dx9.exe |
"{CEB90445-75CD-40A2-A531-ACEE0D55A4C9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D1A6341F-7FB5-45B7-A4E3-B3CF1C3F94A3}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{D2A7C9D2-B95B-4127-8B57-EEB08A60CF9B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D3C97C35-72CC-4D92-80E6-E442D4AFC9E8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D458AF98-9A91-46CB-AAD7-4EEFAC436E61}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{D80EB6AD-2348-470A-9C5C-552D3FF92FCA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{DAA2B832-0950-4AB9-A89A-96E1A52B820A}" = protocol=6 | dir=in | app=c:\program files (x86)\capcom\resident evil 5\re5dx10.exe |
"{DB772C73-5BFD-4C69-9969-BEF7D4D7B143}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{E3588339-62FB-422C-962E-6D9481F60D5C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E384EF4E-FB3C-4B33-9761-2766F5CA7862}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{EA66CEF5-9367-44D5-A376-D4055C614EBD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{EEADDFC3-C557-462A-8898-A4C5377E0784}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{EFCF4AF8-AD34-47C8-938E-6F184FA22DFC}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{EFDB0EFF-AA0A-4567-9D86-9B3F548E396A}" = protocol=17 | dir=in | app=c:\program files (x86)\capcom\resident evil 5\re5dx10.exe |
"{F4273866-19A1-4923-86E5-8D80C0248107}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FC408B8D-9808-4F57-B1A4-89A456298026}" = protocol=17 | dir=in | app=c:\program files (x86)\windows searchqu toolbar\datamngr\toolbar\dtuser.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}" = AuthenTec TrueAPI
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{31E8F586-4EF7-4500-844D-BA8756474FF1}" = Sada Windows Automated Installation Kit
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4E7EEC33-5811-42F8-AA30-DDF7FE78446B}" = Replay Media Catcher 4
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{7D088FD6-67B8-4186-947C-5FB4CC7227B5}" = O&O Defrag Professional
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{715203B3-AD16-41A4-B13C-E1065EAB8963}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0043-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{15D45352-C443-406A-9DF2-EF4A750A40CF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{4B8654FE-410D-462C-9B3C-09D031BF4534}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}" = Network64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 267.95
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 267.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 267.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D000D1C0-6E80-4FC4-BE4E-A88872C0616F}" = Share64
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{E5083D57-D93F-404C-A91F-1C50D67C2BEB}" = HP Officejet 4500 G510g-m
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"CCleaner" = CCleaner
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Shop for HP Supplies" = Shop for HP Supplies
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"VueScan" = VueScan
"WinRAR archiver" = WinRAR 4.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{1A1BD41E-9854-4957-8959-F9559A8862A7}" = Corel VideoStudio Ultimate X5
"{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}" = HP SimplePass PE 2011
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0c8ebb00-4909-459c-8347-b2068b7f0319}" = OEM Share Pack
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{0E13CAA3-B5FC-48C0-AA4A-26F5CD0C371C}" = Garmin Lifetime Updater
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A1BD41E-9854-4957-8959-F9559A8862A7}" = ICA
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{28379381-B56A-43e1-B505-3098D82B1C30}" = 4500G510gm_Software_Min
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{3B418709-D688-4E3A-BE0E-7D71FA84C948}" = Nero 11 PiP Effects 1
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{4382FC76-8100-4951-8658-31834E625E88}" = Nero 11 Video Transitions 1
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}" = Snagit 10
"{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}" = Nero 11 Disc Menus 3
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66C70B5F-730F-4C5D-9FC5-8E56D0FE7D53}" = IPM_VS_Pro
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6A6F7B28-E178-47AC-8654-A654ADA6C777}" = VSHelp
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{6FED7739-54B4-48AD-BBCD-28BED07ECAC2}_is1" = Far Cry 3 verze 1.01
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4e70-MAXP3-7B42A5D4E0EB}_is1" = Max Payne 3 version 1.02
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7DF2B5EE-2C16-4E86-9C71-8678068AD805}" = Nero 11 Disc Menus 2
"{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}" = HP Support Information
"{7FF7370F-4C53-11E1-B6FF-F04DA23A5C58}" = MSVCRT Redists
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8AA4F966-EF4B-44D8-99AA-C4EA93B46863}" = VSClassic
"{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}" = CyberLink MediaShow 6
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{92A70E71-4F0E-4C05-A777-16424E89F162}" = Garmin Communicator Plugin with myGarmin Agent
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FC86590-AC98-4845-80D4-3EB37B51947B}" = Nero 11
"{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}" = Nero 11 Disc Menus 1
"{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}" = Nero 11 Video Samples
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4F6BE36-4826-45BA-A396-04F265A3B61D}" = Nero 11 Kwik Themes 2
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A8887C7B-0BCC-4FBF-BCEB-9BB4D4B14999}" = Setup
"{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5
"{AC76BA86-1029-4770-7760-000000000005}" = Adobe Acrobat X Pro - Eastern European (Group 1)
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI - Czech
"{ACD6B383-EC5B-4000-A455-CCB308B447FE}" = Nero 11 Kwik Themes 4
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B160A672-F326-4414-9BB0-A056C61B357C}" = Nero 11 Cliparts
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}" = Nero 11 Kwik Themes 1
"{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}" = HP MAINSTREAM KEYBOARD
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA499CC0-12C0-4BA5-9007-76844B721158}" = Nero 11 Kwik Themes 3
"{BBD3F66B-1180-4785-B679-3F91572CD3B4}_is1" = iolo technologies' System Mechanic Professional
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE0D4271-69C9-4f28-AD9B-BB33D126A30E}" = 4500G510gm
"{BE1C9464-DEBB-4DA6-B19A-8EC634F22D73}" = HP Connect Solutions
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0
"{C20A5184-E994-4CF4-A388-30236A94AD41}_is1" = Smarty Uninstaller Pro
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C717B4D4-2EFA-4DC3-8EDB-79543E43666C}" = VSUltimate
"{CA486743-5F44-40D5-A38B-77911FB27579}" = Contents
"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome
"{CCE2DCFE-4A89-4BC0-B3EF-6A3F8E30A2D6}" = CyberLink OEM Share Pack 2
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DCDC6934-7428-489E-8651-90B53191488B}" = ISCOM
"{DF0B357C-5874-47D0-81E7-79AA890B0CE0}" = 4500_G510gm_Help
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E21161DD-05A2-42ED-A0EC-9C1393F51A64}" = GeekBuddy
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{EBFC96E5-4409-426E-88B7-650ADB342E78}" = MSI to redistribute MS VS2005 CRT libraries
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EEBEF66A-70FD-4DF6-B173-82D07E61853E}" = Share
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F69FB940-5031-4FE8-AFAD-085802D0BF63}" = Nero Recode 11
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVerMedia C039 USB Capture Card" = AVerMedia C039 USB Capture Card 10.2.64.51
"Avira AntiVir Desktop" = Avira Free Antivirus
"ca_musiclabel_is1" = Music Label 2010 v16.0.2
"Call of Duty Black Ops II_is1" = Call of Duty Black Ops II
"CloneCD" = CloneCD
"DAEMON Tools Pro" = DAEMON Tools Pro
"DUMeter3_is1" = DU Meter
"DVDFab 8 Qt_is1" = DVDFab 8.1.3.2 (31/10/2011) Qt
"HP Keyboard_is1" = HP Desktop Keyboard
"HP Remote Solution" = HP Remote Solution
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 8.0.0
"MediaDoctor_is1" = MediaDoctor 2.0
"Mozilla Firefox 17.0.1 (x86 cs)" = Mozilla Firefox 17.0.1 (x86 cs)
"Mozilla Thunderbird 17.0 (x86 cs)" = Mozilla Thunderbird 17.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NewBlue Art Effects for PDR10" = Art Effects for PDR10
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PDF Complete" = PDF Complete Special Edition
"PunkBusterSvc" = PunkBuster Services
"Rockstar Games Social Club" = Rockstar Games Social Club
"RTS Stavitel+ 2012_is1" = RTS Stavitel+ 2012
"Scorpions WinCheater 2.07 (s databází 130)_is1" = Scorpions WinCheater
"Soulseek2" = SoulSeek 157 NS 13e
"Spec Ops The Line_is1" = Spec Ops The Line
"Stellarium_is1" = Stellarium 0.11.2
"uTorrent" = µTorrent
"VideoGet_is1" = Nuclear Coffee - VideoGet
"VIP Access SDK" = VIP Access SDK (1.0.1.4)
"VirtuaGirlHD 1.0.4.65 - 689_90_59 models" = VirtuaGirlHD 1.0.4.65 - 689_90_59 models
"VLC media player" = VLC media player 2.0.2
"WildTangent hp Master Uninstall" = HP Games
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Searchqu Toolbar" = Windows Searchqu Toolbar
"WTA-018e985d-5365-420b-9b37-f20cfe2cfebd" = Cake Mania
"WTA-0629f8a6-ae86-46b1-aecd-c2def38b5421" = Final Drive: Nitro
"WTA-13111093-9b93-4d80-b325-fb424526d64e" = Namco All-Stars: PAC-MAN
"WTA-1718080d-552f-418e-a781-266a5dfc64a1" = Chronicles of Albian
"WTA-2032b45b-7e9c-415d-9e2b-e932385a138d" = Bejeweled 3
"WTA-2c85ae6b-2f55-4ddc-9d94-760c6d4d9da1" = Penguins!
"WTA-2f44d5cf-0a25-43a0-93cc-f6d1e7cdfc12" = Polar Bowler
"WTA-431ca7f5-9ca6-4d18-b477-822d8aeaa63d" = Plants vs. Zombies - Game of the Year
"WTA-4367415b-b346-47fc-9fb7-29dd4da71900" = Vacation Quest - The Hawaiian Islands
"WTA-4589c6da-b3f7-4561-b210-c09bbdc5c247" = Slingo Supreme
"WTA-4833cf5f-73e2-4690-b4d9-f173e2c20f27" = Blackhawk Striker 2
"WTA-4bd483fd-dca1-448d-96d6-3535a519c773" = Agatha Christie - Peril at End House
"WTA-4c271521-ca55-435f-b371-b93384aa35f5" = Mystery of Mortlake Mansion
"WTA-4e941daa-a92e-475d-a767-91f7d15a8d09" = Cradle of Rome 2
"WTA-544b7960-89e6-42e9-80e1-bacaa13d0cf0" = Jewel Quest: The Sleepless Star - Collector's Edition
"WTA-69153abd-b3cb-445e-9ce0-0eb2e41fcaf4" = Poker Superstars III
"WTA-6fad79d4-6ff3-4459-b400-20879b25d0e0" = Bounce Symphony
"WTA-7007029b-ea6f-48df-adcd-1aaa467ae709" = Chuzzle Deluxe
"WTA-72fc75e5-88ca-4321-bc39-cfb0849bc7ea" = Polar Golfer
"WTA-89d2f516-d97b-45b5-b259-3eafaf312f9b" = FATE
"WTA-a62e5548-7168-4a56-acfa-14589b20902e" = Mah Jong Medley
"WTA-a7211a29-97da-4be8-81d9-d5992a06e1ec" = Virtual Villagers 5 - New Believers
"WTA-b875c735-60ef-4622-94b0-71832c78998f" = Farm Frenzy
"WTA-bc16c9bd-668c-486e-b8a5-aafb2e648f61" = Blasterball 3
"WTA-c71e77cf-90de-47b1-9d11-eb48937365ba" = Governor of Poker 2 Premium Edition
"WTA-c89ea647-6b48-4aa1-9eae-f91c4e732765" = Zuma Deluxe

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3/22/2012 2:58:07 PM | Computer Name = Petr-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 9.0.8112.16421, časové
razítko: 0x4d76255d Název chybujícího modulu: Acrobat.dll, verze: 10.0.0.396, časové
razítko: 0x4cc5f7e2 Kód výjimky: 0xc0000005 Posun chyby: 0x0001fbbc ID chybujícího
procesu: 0x13fc Čas spuštění chybující aplikace: 0x01cd085d0715c8a5 Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.dll ID zprávy:
f5853c73-7450-11e1-8655-3860774043b7

Error - 3/22/2012 2:59:06 PM | Computer Name = Petr-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 9.0.8112.16421, časové
razítko: 0x4d76255d Název chybujícího modulu: Acrobat.dll, verze: 10.0.0.396, časové
razítko: 0x4cc5f7e2 Kód výjimky: 0xc0000005 Posun chyby: 0x0001fbbc ID chybujícího
procesu: 0xbcc Čas spuštění chybující aplikace: 0x01cd085dca71095e Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.dll ID zprávy:
18b83814-7451-11e1-8655-3860774043b7

Error - 3/24/2012 11:36:23 AM | Computer Name = Petr-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Micro Video Capture.exe, verze: 7.0.0.658,
časové razítko: 0x2a425e19 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725,
časové razítko: 0x4ec49b8f Kód výjimky: 0xc0000005 Posun chyby: 0x0002e3be ID chybujícího
procesu: 0x14ec Čas spuštění chybující aplikace: 0x01cd09d3d2caebfd Cesta k chybující
aplikaci: \\Vicious-d06c9ff\h (d)\Smetiště\Programy\Micro Video Capture\Micro Video
Capture.exe Cesta k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll ID zprávy:
1bac7e99-75c7-11e1-988a-3860774043b7

Error - 3/24/2012 1:52:18 PM | Computer Name = Petr-HP | Source = MsiInstaller | ID = 11001
Description =

Error - 4/16/2012 5:05:16 AM | Computer Name = Petr-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 9.0.8112.16421, časové
razítko: 0x4d76255d Název chybujícího modulu: guard32.dll, verze: 5.10.31649.2253,
časové razítko: 0x4f5d0dd6 Kód výjimky: 0xc00000fd Posun chyby: 0x0001d1bf ID chybujícího
procesu: 0xe90 Čas spuštění chybující aplikace: 0x01cd1baff90db2cc Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\SysWOW64\guard32.dll ID zprávy: 47ea45e2-87a3-11e1-ae44-3860774043b7

Error - 4/16/2012 5:05:16 AM | Computer Name = Petr-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 9.0.8112.16421, časové
razítko: 0x4d76255d Název chybujícího modulu: guard32.dll, verze: 5.10.31649.2253,
časové razítko: 0x4f5d0dd6 Kód výjimky: 0xc00000fd Posun chyby: 0x0001d1a0 ID chybujícího
procesu: 0xb8c Čas spuštění chybující aplikace: 0x01cd1baff86e1516 Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\SysWOW64\guard32.dll ID zprávy: 47ea1ed2-87a3-11e1-ae44-3860774043b7

Error - 4/16/2012 5:05:26 AM | Computer Name = Petr-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 9.0.8112.16421, časové
razítko: 0x4d76255d Název chybujícího modulu: guard32.dll, verze: 5.10.31649.2253,
časové razítko: 0x4f5d0dd6 Kód výjimky: 0xc00000fd Posun chyby: 0x0001d1bf ID chybujícího
procesu: 0x1794 Čas spuštění chybující aplikace: 0x01cd1baff8016eff Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\SysWOW64\guard32.dll ID zprávy: 4e05c727-87a3-11e1-ae44-3860774043b7

Error - 4/16/2012 5:06:05 AM | Computer Name = Petr-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 9.0.8112.16421, časové
razítko: 0x4d76255d Název chybujícího modulu: guard32.dll, verze: 5.10.31649.2253,
časové razítko: 0x4f5d0dd6 Kód výjimky: 0xc00000fd Posun chyby: 0x0001d1a0 ID chybujícího
procesu: 0x17ac Čas spuštění chybující aplikace: 0x01cd1bb0200a47c0 Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\SysWOW64\guard32.dll ID zprávy: 65321fc4-87a3-11e1-ae44-3860774043b7

Error - 4/16/2012 5:06:05 AM | Computer Name = Petr-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 9.0.8112.16421, časové
razítko: 0x4d76255d Název chybujícího modulu: guard32.dll, verze: 5.10.31649.2253,
časové razítko: 0x4f5d0dd6 Kód výjimky: 0xc00000fd Posun chyby: 0x0001d1bf ID chybujícího
procesu: 0x1510 Čas spuštění chybující aplikace: 0x01cd1bb020217997 Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\SysWOW64\guard32.dll ID zprávy: 6533cd7b-87a3-11e1-ae44-3860774043b7

Error - 4/16/2012 5:06:12 AM | Computer Name = Petr-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 9.0.8112.16421, časové
razítko: 0x4d76255d Název chybujícího modulu: guard32.dll, verze: 5.10.31649.2253,
časové razítko: 0x4f5d0dd6 Kód výjimky: 0xc00000fd Posun chyby: 0x0001d1bf ID chybujícího
procesu: 0x384 Čas spuštění chybující aplikace: 0x01cd1bb01ffab726 Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\SysWOW64\guard32.dll ID zprávy: 69766923-87a3-11e1-ae44-3860774043b7

[ Hewlett-Packard Events ]
Error - 8/16/2012 9:37:58 AM | Computer Name = Petr-HP | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 v System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) v System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) v System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) v System.Activator.CreateInstance(Type
type, Boolean nonPublic) v HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
v System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)

v System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)

v System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) v System.Activator.CreateInstance(Type type, Boolean nonPublic)

v HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib

Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: cs-CZ RAM: 16364 Ram
Utilization: 10 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)

Error - 8/16/2012 9:37:59 AM | Computer Name = Petr-HP | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164HPSFMsgr.exe v System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) v System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) v System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) v System.Activator.CreateInstance(Type
type, Boolean nonPublic) v HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar()
StackTrace:
v System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)

v System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)

v System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) v System.Activator.CreateInstance(Type type, Boolean nonPublic)

v HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar() Source: mscorlib Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: cs-CZ RAM: 16364 Ram
Utilization: 10 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)

Error - 8/29/2012 3:40:59 AM | Computer Name = Petr-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 8/29/2012 3:45:30 AM | Computer Name = Petr-HP | Source = HPSF.exe | ID = 4000
Description =

[ Media Center Events ]
Error - 3/18/2012 7:49:38 AM | Computer Name = Petr-HP | Source = MCUpdate | ID = 0
Description = 12:49:38 - Chyba při připojování k Internetu 12:49:38 - Nelze kontaktovat
server..

Error - 3/18/2012 8:49:43 AM | Computer Name = Petr-HP | Source = MCUpdate | ID = 0
Description = 13:49:43 - Chyba při připojování k Internetu 13:49:43 - Nelze kontaktovat
server..

Error - 3/18/2012 8:49:48 AM | Computer Name = Petr-HP | Source = MCUpdate | ID = 0
Description = 13:49:48 - Chyba při připojování k Internetu 13:49:48 - Nelze kontaktovat
server..

Error - 3/22/2012 2:05:10 PM | Computer Name = Petr-HP | Source = MCUpdate | ID = 0
Description = 19:04:49 - Načtení položky MCEClientUX se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)

Error - 3/22/2012 2:06:32 PM | Computer Name = Petr-HP | Source = MCUpdate | ID = 0
Description = 19:06:31 - Načtení položky Broadband se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)

Error - 3/23/2012 1:54:18 AM | Computer Name = Petr-HP | Source = MCUpdate | ID = 0
Description = 6:54:18 - Načtení položky MCEClientUX se nezdařilo. (Chyba: Vzdálený
název nelze rozpoznat: 'data.tvdownload.microsoft.com')

Error - 3/23/2012 1:54:20 AM | Computer Name = Petr-HP | Source = MCUpdate | ID = 0
Description = 6:54:18 - Načtení položky Broadband se nezdařilo. (Chyba: Vzdálený
název nelze rozpoznat: 'data.tvdownload.microsoft.com')

Error - 7/10/2012 8:55:56 AM | Computer Name = Petr-HP | Source = MCUpdate | ID = 0
Description = 14:55:56 - Načtení položky Directory se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)

Error - 7/10/2012 8:56:46 AM | Computer Name = Petr-HP | Source = MCUpdate | ID = 0
Description = 14:56:39 - Načtení položky MCEClientUX se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)

Error - 10/3/2012 11:28:36 AM | Computer Name = Petr-HP | Source = MCUpdate | ID = 0
Description = 17:28:36 - Načtení položky Directory se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)

[ System Events ]
Error - 12/22/2012 10:11:45 AM | Computer Name = Petr-HP | Source = Service Control Manager | ID = 7032
Description = Správce služeb se pokusil o opravnou akci (Restartovat službu) po
nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující
chybě: %%1056

Error - 12/23/2012 3:21:22 AM | Computer Name = Petr-HP | Source = Service Control Manager | ID = 7000
Description = Služba CyberLink InstantBurn UDF Filesystem neuspěla při spuštění
v důsledku následující chyby: %%2

Error - 12/23/2012 3:21:46 AM | Computer Name = Petr-HP | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: CFRMD

Error - 12/23/2012 10:28:07 AM | Computer Name = Petr-HP | Source = Service Control Manager | ID = 7000
Description = Služba CyberLink InstantBurn UDF Filesystem neuspěla při spuštění
v důsledku následující chyby: %%2

Error - 12/23/2012 10:28:36 AM | Computer Name = Petr-HP | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: CFRMD

Error - 12/23/2012 3:43:27 PM | Computer Name = Petr-HP | Source = Service Control Manager | ID = 7000
Description = Služba CyberLink InstantBurn UDF Filesystem neuspěla při spuštění
v důsledku následující chyby: %%2

Error - 12/23/2012 3:43:28 PM | Computer Name = Petr-HP | Source = BugCheck | ID = 1001
Description =

Error - 12/23/2012 3:44:05 PM | Computer Name = Petr-HP | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: CFRMD

Error - 12/24/2012 3:35:39 AM | Computer Name = Petr-HP | Source = Service Control Manager | ID = 7000
Description = Služba CyberLink InstantBurn UDF Filesystem neuspěla při spuštění
v důsledku následující chyby: %%2

Error - 12/24/2012 3:35:55 AM | Computer Name = Petr-HP | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: CFRMD

< End of report >

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDF
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDF
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}: "URL" = http://dts.search-results.com/sr?src=ie ... 13&sr=0&q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{C775F041-F3DB-43DF-8DA5-CF6BABF0AD2E}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDF
IE - HKLM\..\SearchScopes,DefaultScope = Yandex
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}: "URL" = http://dts.search-results.com/sr?src=ie ... 13&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{C775F041-F3DB-43DF-8DA5-CF6BABF0AD2E}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE - HKLM\..\SearchScopes\Yandex: "URL" = http://yandex.ru/yandsearch?clid=193835&text={searchTerms}
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.cz/
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\..\SearchScopes,DefaultScope = {0388404D-6072-4CEB-B521-8F090FEAEE57}
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}: "URL" = http://dts.search-results.com/sr?src=ie ... 13&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\..\SearchScopes\{C775F041-F3DB-43DF-8DA5-CF6BABF0AD2E}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\..\SearchScopes\Moikrug: "URL" = http://moikrug.ru/persons/?clid=193835& ... &keywords={searchTerms}&submitted=1
IE - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\..\SearchScopes\Yandex: "URL" = http://yandex.ru/yandsearch?clid=193835&text={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://us.search.yahoo.com/search?fr=ytff-comodo&p="
[2012/03/25 08:25:33 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012/12/20 09:37:37 | 000,000,000 | ---D | M] (IDM CC) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com
[2012/11/24 08:58:06 | 000,000,000 | ---D | M] (ĐšĐ°ĐĽĐżĐ°Đ˝ĐµĐ˝Ń‚ "ĐĐ»ĐµĐĽĐµĐ˝Ń‚Ń‹ ĐŻĐ˝Đ´ĐµĐşŃĐ°") -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru
[2012/03/25 08:25:31 | 000,002,515 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\searchplugins\Search_Results.xml
[2011/12/08 21:11:01 | 000,001,390 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\searchplugins\yahoo-zugo.xml
CHR - homepage: http://us.yahoo.com?fr=fpc-comodo
O2:64bit: - BHO: (no name) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - No CLSID value found.
O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001..\Run: [Nektra OEAPI] File not found
O4 - HKU\S-1-5-21-1264491186-2845159299-2406595300-1001..\Run: [OEXPRESS] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll) - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp files -> C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp -> ]
[2012/12/24 11:03:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012/12/24 08:35:44 | 000,000,944 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/12/24 11:54:00 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/12/16 09:02:53 | 000,000,328 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleForPetr.job
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 24 bytes -> C:\Windows:71DB03982318C74E

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Nektra OEAPI"=-
"OEXPRESS"=-
"DAEMON Tools Pro Agent"=-
"Steam"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPA]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Garmin Lifetime Updater]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyGarminAgent]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Presto! PVR Monitor]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"QuickTime Task"=-
"BDRegion"=-
"CLMLServer_For_P2G8"=-
"CLVirtualDrive"=-
"PowerDVD12Agent"=-

:files
C:\Program Files (x86)\Windows Searchqu Toolbar
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C775F041-F3DB-43DF-8DA5-CF6BABF0AD2E}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C775F041-F3DB-43DF-8DA5-CF6BABF0AD2E}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C775F041-F3DB-43DF-8DA5-CF6BABF0AD2E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C775F041-F3DB-43DF-8DA5-CF6BABF0AD2E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1264491186-2845159299-2406595300-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Restore| /E : value set successfully!
HKEY_USERS\S-1-5-21-1264491186-2845159299-2406595300-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1264491186-2845159299-2406595300-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0388404D-6072-4CEB-B521-8F090FEAEE57}\ not found.
Registry key HKEY_USERS\S-1-5-21-1264491186-2845159299-2406595300-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1264491186-2845159299-2406595300-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
Registry key HKEY_USERS\S-1-5-21-1264491186-2845159299-2406595300-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}\ not found.
Registry key HKEY_USERS\S-1-5-21-1264491186-2845159299-2406595300-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C775F041-F3DB-43DF-8DA5-CF6BABF0AD2E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C775F041-F3DB-43DF-8DA5-CF6BABF0AD2E}\ not found.
Registry key HKEY_USERS\S-1-5-21-1264491186-2845159299-2406595300-1001\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
Registry key HKEY_USERS\S-1-5-21-1264491186-2845159299-2406595300-1001\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
Prefs.js: "Yahoo" removed from browser.search.defaultenginename
Prefs.js: "Search Results" removed from browser.search.order.1
Prefs.js: "chrf-comodo" removed from browser.search.param.yahoo-fr
Prefs.js: "chrf-comodo" removed from browser.search.param.yahoo-fr-cjkt
Prefs.js: "Yahoo" removed from browser.search.selectedEngine
Prefs.js: "http://us.search.yahoo.com/search?fr=ytff-comodo&p=" removed from keyword.URL
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\modules scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data\search scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com\META-INF scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com\components8 scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com\components2 scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com\components scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\modules\foundation scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\modules scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\META-INF scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults\vendor scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults\presets scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults\preferences scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults\dynamic-preferences scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\components scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\xb\ui scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\xb scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\platform scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\native scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\migration scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru scheduled to be moved on reboot.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\searchplugins\Search_Results.xml moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\searchplugins\yahoo-zugo.xml moved successfully.
Use Chrome's Settings page to change the HomePage.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00C6482D-C502-44C8-8409-FCE54AD9C208}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1264491186-2845159299-2406595300-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Nektra OEAPI deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1264491186-2845159299-2406595300-1001\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Low Rights\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll deleted successfully.
C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64\datamngr.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll deleted successfully.
C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64\IEBHO.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll deleted successfully.
C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll deleted successfully.
C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\IEBHO.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9C5E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB03B.tmp folder deleted successfully.
C:\Windows\Installer\MSI143E.tmp- folder deleted successfully.
C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\upd82.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\HPCeeScheduleForPetr.job moved successfully.
ADS C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
ADS C:\Windows:71DB03982318C74E deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Nektra OEAPI not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Pro Agent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPA\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Garmin Lifetime Updater\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyGarminAgent\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Presto! PVR Monitor\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\BDRegion deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\CLMLServer_For_P2G8 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\CLVirtualDrive deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\PowerDVD12Agent deleted successfully.
========== FILES ==========
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64 scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\components scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar scheduled to be moved on reboot.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
Error: Unble to create default HOSTS file!

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Petr
->Temp folder emptied: 57085417 bytes
->Temporary Internet Files folder emptied: 5413790 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 170721410 bytes
->Flash cache emptied: 1404 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 962434 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 299051 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 224.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Petr
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Petr
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 12252012_085008

Files\Folders moved on Reboot...
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\modules scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data\search scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data\search scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\modules scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data\search scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\modules scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data\search scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\modules scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data\search scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com\META-INF scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com\components8 scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com\components2 scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com\components scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com\META-INF scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com\components8 scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com\components2 scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com\components scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\mozilla_cc@internetdownloadmanager.com scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\modules\foundation scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\modules\foundation scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\modules scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\META-INF scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults\vendor scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults\presets scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults\preferences scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults\dynamic-preferences scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults\vendor scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults\presets scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults\preferences scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults\dynamic-preferences scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\components scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\xb\ui scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\xb\ui scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\xb scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\platform scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\native scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\migration scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\xb\ui scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\xb scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\platform scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\native scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\migration scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\xb\ui scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\xb scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\platform scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\native scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\migration scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\modules\foundation scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\modules scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\META-INF scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults\vendor scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults\presets scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults\preferences scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults\dynamic-preferences scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\defaults scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\components scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\xb\ui scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\xb scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\platform scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\native scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts\migration scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp\parts scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru\cbapp scheduled to be moved on reboot.
Folder move failed. C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5j8v0uxk.default\extensions\yasearch@yandex.ru scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64 scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\components scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\components scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64 scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\components scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64 scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\components scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Windows Searchqu Toolbar scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
C:\Users\Petr\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\fb_2684.lck not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

ComboFix 12-12-25.01 - Petr 25.12.2012 11:40:00.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.16364.13360 [GMT 1:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Windows Searchqu Toolbar
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\DnsBHO.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.xpt
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF10.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF11.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF3.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF4.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF5.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF6.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF7.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF8.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF9.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\DataMngr.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\DnsBHO.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Error404BHO.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\NewTabBHO.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\RelatedSearch.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SearchBHO.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SessionRestore.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SettingManager.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Settings.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Settings.xml.alt
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest.alt
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\install.rdf
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\install.rdf.alt
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\as_guid.dat
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\components\windowmediator.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\bandoocode.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\engines.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\search.xsl
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\about.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\bandoocode.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanel.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpaneltransparent.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxtransparentwin.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxwin.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\external.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\neterror.xhtml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\vmncode.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\wmpstreamer.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\datastore.jsm
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\neterror.xhtml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\partner.coupons.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\preferences.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\radiobeta.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\template.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.htm
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmncode.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmnrsswin.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\babylon_logo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bandoo.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluelite.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluesky.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn_settings.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ca.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dictionary.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\divider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\downloadcom.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dtxlogo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ebay.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email_on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\facebook.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\games.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphredna.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\grey.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ico-shield.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_amazon.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_games.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_radio_png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_seperator_png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_twitter.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_youtube.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\images.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\imesh.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\add.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\aol.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right-disabled.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-up.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-divider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-divider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\blank.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn_slider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\collapse.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\comcast.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\dtx.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\expand.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\found.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\gmail.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_blue.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_lime.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\hotmail.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\checkmark.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\chevron.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\ico-check.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\imap.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\loadingMid.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lock.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\logo-separator.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\mailcom.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_white.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\modify.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\move.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\movetarget.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\panels.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupRSS.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css\dialog.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\bg.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-search.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\default.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-l.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-r.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-l.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-r.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\transparent.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-mdl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-right.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-mdl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right-resize.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-right.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\main.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\footer.htm
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\games.xsl
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-dn.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-up.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-right.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-back.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-moredetails.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-right-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bullet-orange.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-dollar.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-news24.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\initHTML.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupGames.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupHTML.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupRSS.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\scroll.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\pop.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\manager.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\slider.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-radio.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\music-note.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-buffer.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\track.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-buffering.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-connecting.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-playing.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-stopped.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\reload.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\remove.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rename.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\resize-box.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rss.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsschannelback.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\RSSLogo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-right.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\search-go.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\search.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\throbber.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_21.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-t.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\yahoo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lichen.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-about.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-separator.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\mail.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\maps.bmp
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\menuseparatorback.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modify-save.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modify.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modifyhot.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\music.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\news.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-main.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-search.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-widgets.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\orange.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\pixsy.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\protect-id.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-buffering.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-connecting.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-playing.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-stopped.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta.ico
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\relatedlinks.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-collapse.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-delete.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-expand.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-feed.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-remove.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-rename.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-found.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-reload.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-subscribe.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rssback.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rsstopback.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search_button_over_png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search_button_png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\settings.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\shopping.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\siteinfo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluelite.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluesky.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-grey.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-lichen.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-orange.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-yellow.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\technorati.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\throbber.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\toolbarsplitter.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\translate.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\video.bmp
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\vmn.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\vmn.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\weather.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\web.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\widgets-square-16px.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\wikipedia.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\yahoosearch.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\yellow.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\youtube.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\zoom.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\manifest.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchquband.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstall.exe
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\x64\datamngrUI.exe
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\x64\DnsBHO.dll
c:\program files (x86)\Windows Searchqu Toolbar\sysid.ini
c:\program files (x86)\Windows Searchqu Toolbar\uninstall.exe
c:\users\Petr\AppData\Local\assembly\tmp
c:\users\Petr\AppData\Roaming\Microsoft\Windows\Recent\APREG.url
c:\windows\UA000079.DLL
c:\windows\UA000106.DLL
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-25 do 2012-12-25 )))))))))))))))))))))))))))))))
.
.
2012-12-25 10:44 . 2012-12-25 10:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-25 07:50 . 2012-12-25 07:50 -------- d-----w- C:\_OTL
2012-12-24 10:44 . 2012-12-24 10:44 512 ----a-w- C:\PhysicalMBR.bin
2012-12-22 11:04 . 2012-12-22 11:04 -------- d-----w- c:\program files (x86)\Common Files\Comodo
2012-12-22 11:04 . 2012-12-22 11:04 -------- d-----w- c:\programdata\CPA_VA
2012-12-21 19:11 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 19:11 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 19:11 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-21 19:11 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 18:32 . 2012-12-25 07:44 -------- d-----w- c:\program files (x86)\Steam
2012-12-21 18:02 . 2012-12-21 18:10 -------- d-----w- c:\users\Petr\AppData\Roaming\dvdcss
2012-12-19 07:01 . 2012-12-19 07:01 -------- d-----w- c:\users\Petr\AppData\Roaming\TeamViewer
2012-12-15 18:21 . 2012-12-15 18:21 -------- d-----w- c:\users\Petr\AppData\Roaming\Stellarium
2012-12-15 18:20 . 2012-12-15 18:20 -------- d-----w- c:\program files (x86)\Stellarium
2012-12-13 16:37 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-13 16:37 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-13 16:32 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-12-12 16:15 . 2012-12-12 19:36 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2012-12-09 11:39 . 2012-12-24 15:05 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-12-09 07:19 . 2012-12-09 07:19 -------- d-----w- c:\users\Petr\AppData\Local\PunkBuster
2012-12-09 07:19 . 2012-12-09 07:19 -------- d-----w- c:\programdata\Orbit
2012-12-09 07:08 . 2012-12-22 11:39 -------- d-----w- c:\program files (x86)\Far Cry 3
2012-12-07 18:26 . 2012-12-07 18:26 -------- d-sh--w- c:\windows\ftpcache
2012-12-04 08:41 . 2012-12-04 08:41 37976 ----a-w- c:\windows\SysWow64\drivers\CFRMD.sys
2012-12-02 15:17 . 2012-12-02 15:17 -------- d-----w- c:\users\Petr\AppData\Local\MediaShow
2012-12-02 14:31 . 2012-12-02 14:31 -------- d-----w- c:\users\Petr\AppData\Roaming\DivX
2012-12-02 13:47 . 2012-12-02 13:47 -------- d-----w- c:\users\Petr\AppData\Local\Power2Go8
2012-12-02 13:41 . 2011-12-26 20:37 90608 ----a-w- c:\windows\system32\drivers\CLVirtualDrive.sys
2012-12-02 13:41 . 2012-12-02 13:41 -------- d-----w- c:\program files (x86)\Common Files\CyberLink
2012-12-02 13:39 . 2012-12-02 13:39 -------- d-----w- c:\program files (x86)\DivX
2012-12-02 13:37 . 2012-02-02 16:28 377840 ----a-w- c:\windows\system32\drivers\CLBUDF.sys
2012-12-02 13:37 . 2012-02-02 16:28 24560 ----a-w- c:\windows\system32\drivers\CLBStor.sys
2012-12-01 18:29 . 2012-12-09 07:02 -------- d-----w- c:\users\Petr\AppData\Roaming\CyberLink
2012-12-01 18:21 . 2012-12-01 18:21 -------- d-----w- c:\programdata\PDVD
2012-12-01 18:21 . 2012-12-01 18:21 -------- d-----w- c:\users\Petr\AppData\Local\MediaServer
2012-12-01 18:20 . 2012-12-02 13:45 -------- d-----w- c:\programdata\install_clap
2012-12-01 15:40 . 2012-12-01 15:40 -------- d-----w- c:\users\Petr\AppData\Roaming\Corel
2012-12-01 15:40 . 2012-12-01 15:40 -------- d-----w- c:\programdata\Protexis
2012-12-01 15:39 . 2012-12-01 15:39 -------- d-----w- c:\program files (x86)\Common Files\Protexis
2012-12-01 15:39 . 2012-12-01 15:59 -------- d-----w- c:\programdata\Corel
2012-11-25 14:13 . 2012-11-25 14:13 -------- d-----w- c:\programdata\RELOADED
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-24 15:05 . 2011-12-16 17:50 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-12-24 14:58 . 2011-12-16 17:50 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-12-13 20:01 . 2011-12-11 07:56 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-12 19:05 . 2012-04-02 05:31 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-12 19:05 . 2011-11-03 22:44 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-11 17:11 . 2012-10-16 13:13 99912 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-12-11 17:11 . 2012-10-16 13:13 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-12-09 07:20 . 2011-12-16 17:50 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-12-04 08:41 . 2012-12-04 08:41 37976 ----a-w- c:\windows\inf\CFRMD\cfrmd.sys
2012-12-01 17:34 . 2012-02-16 11:08 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2012-12-01 17:34 . 2009-05-21 19:21 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-11-07 23:38 . 2011-12-19 17:59 94288 ----a-w- c:\windows\system32\drivers\inspect.sys
2012-11-07 23:38 . 2011-12-19 17:59 38144 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-11-07 23:37 . 2011-12-19 17:59 584056 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-11-07 23:37 . 2011-12-19 17:59 22736 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-11-07 23:37 . 2011-12-19 17:58 41240 ----a-w- c:\windows\system32\cmdcsr.dll
2012-11-07 23:37 . 2011-12-19 17:58 301264 ------w- c:\windows\SysWow64\guard32.dll
2012-11-07 23:37 . 2011-12-19 17:58 390392 ----a-w- c:\windows\system32\guard64.dll
2012-10-25 17:13 . 2012-10-25 17:13 289768 ----a-w- c:\windows\system32\javaws.exe
2012-10-25 17:13 . 2012-10-25 17:13 189416 ----a-w- c:\windows\system32\javaw.exe
2012-10-25 17:13 . 2012-10-25 17:13 188904 ----a-w- c:\windows\system32\java.exe
2012-10-25 17:13 . 2012-10-25 17:13 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-10-25 17:13 . 2012-10-07 08:54 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-25 17:13 . 2012-10-07 08:54 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-25 02:12 . 2012-10-25 02:12 94208 ------w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ------w- c:\windows\SysWow64\QuickTime.qts
2012-10-16 08:38 . 2012-11-28 09:26 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 09:26 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 09:26 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-15 15:33 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-15 15:33 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-15 15:33 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-15 15:33 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 16:40 . 2012-12-13 16:27 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-15 15:33 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-15 15:33 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-15 15:33 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-15 15:33 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-15 15:33 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-15 15:33 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-15 15:33 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-15 15:33 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-15 15:33 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-15 15:33 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-15 15:33 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DU Meter"="c:\program files (x86)\DU Meter\DUMeter.exe" [2009-03-13 1216931]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP KEYBOARDx"="c:\program files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE" [2010-02-11 710656]
"BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992]
"LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-04 385024]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-11 384800]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"InstantBurn"="c:\progra~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe" [2012-02-02 701736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
Start GeekBuddy.lnk - c:\program files (x86)\Comodo\GeekBuddy\launcher.exe [2012-11-1 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"wave9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
@="Service"
.
R1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys [x]
R2 CLBUDFbk;CyberLink InstantBurn UDF Filesystem; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 appliand;Applian Network Service;c:\windows\system32\DRIVERS\appliand.sys [2010-06-24 33888]
R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:\windows\system32\DRIVERS\AVerPola.sys [2011-01-04 534144]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 OxPPort;OxPPort;c:\windows\system32\drivers\OxPPort.sys [2008-07-31 98304]
R3 OxSer;OxSer;c:\windows\system32\drivers\OxSer.sys [2009-09-16 98352]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [2011-11-03 31152]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [2010-07-01 224488]
R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [2010-07-01 39016]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-07 1255736]
R3 X86BDA;OEM Capture;c:\windows\system32\DRIVERS\OEMDrv.sys [2011-06-08 268416]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2012-02-12 132704]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-09-24 27800]
S1 CLBStor;InstantBurn Storage Helper Driver;c:\windows\system32\DRIVERS\CLBStor.sys [2012-02-02 24560]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-26 90608]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-11-07 584056]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2012-11-07 38144]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-05 271424]
S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2008-12-09 23464]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-11 85280]
S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-03-22 87928]
S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\Comodo\launcher_service.exe [2012-11-01 70352]
S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-03-22 75640]
S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-03-22 296824]
S2 DUMeterSvc;DU Meter Service;c:\program files (x86)\DU Meter\DUMeterSvc.exe [2009-03-13 552052]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-06-09 264008]
S2 GeekBuddyRSP;GeekBuddy Remote Screen Protocol;c:\program files (x86)\Common Files\Comodo\GeekBuddyRSP.exe [2012-10-31 1467088]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 ioloSystemService;iolo System Service;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2012-01-06 722616]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
S2 KMService;KMService;c:\windows\system32\srvany.exe [x]
S2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2011-10-27 82928]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-06-29 3246920]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-05-05 1128952]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-03-30 378472]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 appliandMP;appliandMP;c:\windows\system32\DRIVERS\appliand.sys [2010-06-24 33888]
S3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver;c:\program files (x86)\DU Meter\DUMETR64.SYS [2011-01-14 19088]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys [2011-04-21 131656]
S3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys [2011-04-21 399944]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-06-10 1128448]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 9577680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Doplňkový sken -------
.
uStart Page =
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL =
mStart Page =
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-Windows Searchqu Toolbar - c:\program files (x86)\Windows Searchqu Toolbar\uninstall.exe
AddRemove-{1AA94747-3BF6-4237-9E1A-7B3067738FE1} - c:\program files (x86)\InstallShield Installation Information\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}\setup.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\DUMeterSvc]
"ImagePath"="c:\program files (x86)\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1264491186-2845159299-2406595300-1001_Classes\Wow6432Node\CLSID\{7ad14332-be81-445c-9a77-8113cab33200}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000048
"Therad"=dword:0000001b
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-1264491186-2845159299-2406595300-1001_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):37,2a,b9,cc,4c,47,a7,f8,11,18,ea,97,e7,61,b6,64,82,db,4d,d9,55,
a7,8a,5f,e0,64,ad,fc,2b,f0,da,4a,0f,02,9c,c6,72,00,24,df,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG14.00.00.01PROFESSIONAL"="8FC21CC2D5EEACA21E8FD898EC36417DCA53CCBD4BD842DD0BA91DD3442370A27275719245AC74034601FE8AF3E633073675B1426D7E414612205A9B8500D6F39F85F10E9FD6DA47F4C77031179F83A3E6D7A810B43A761F887C3D5633C0FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98085D575E7D6A3B98089DB7CE019D40AA5CBA7FD869164D6794EF4AA2919A166F085F07A4EC48137DFD12631180F8D84DB08950C693AEDA98A6B5F84A07EC1269F4253FC8593219A8AF3E90237AF7AA2FA388818DEEC5EB70E30B413DC94E00ABA8305A2969AE733AF746C1D41220F3DCA30839354FDAD8A91634FB15AAEBFD7EEEBD441F2CAEE50A7002986335CDBA5EB793ED799D55101E4F171431AE537D2C082CFD4B640E08F225E7C94D81C3DB435A5EA85DF5FE502D974009329077C382A6811A108806C45617961FD6CB268618F73F88A52886AF36695CEC7F3DB1EB54F463431542395917BCCE74899AFD3F75F4ADC05AB8FD169F34C0E8C2553CE2790E1FB3C471AB591C7DF3BCB0A9B95C70A54A16C8E15DC153DA62366930B6E9CB80A33CCE2745ABD137907C5CE9AB8B29D35462820F7CC13F345DA52755241729520641262BD28BA73A51CC61FC86CABD3F3496DDDF1CFB540BEF1A7184EBD5F57B7DBB82F60486914C865AD7BAE6EED2987132F12B5C29081EFC0A022D5A611766E4B65F3AED0107A625681B30C69F92853CCD9D7746D5D5228B0357F59D4EF8743E53F9D6093083F5464ACA9B8AD7A9A1E491028141E238BCC6A134384A7F88F82CC5D7E3319F855B276ACCEF766947F862BB823B1E04340A7D1A1D81D6AF393DF6D6BD2AA62D136B28C5C8D6B2752110CD21C8C70FC3CD9722B4DD931F6E82FB8AE0B82A8F8DB2AE4FEDA9A9CE756F5AE426430029FD0E69CBCA8463639BDDE476D69616F1C5EF244308A1F83B356FC38AC4A2EFE6E38375B64EE19B45EC4A1DEEBAEB543B32DA3BD24CA2874DD36129C38C5B5928F9C0A83FBF0D17CD6D4ABC4B268E7E3D8007D8EE0966CD3EC40ADCBA9EA7302E1859606BB7DF6A66F9E4CE88459AE3A9338B57AA9F6877AB50B0A53E32039D216C68EFDE6279DA61C424D446D6EE861B2104034105E863171324BCBE10B0FC88778A9FE67DBA5FEE52974047B12E9D0D76901C0E43ECA5E57B34D05218B4DE540EE229705DCAA7A8FD51FB743CC0945F30555992F53B0562CE3582B43DD708D6D8953B11E793940A76E7E2D973CF87D722F8E2F34F61FCB7A38069C08327724653CC797D99423CF03BF644A667CCCA1EF228D47A15ADBD7865728F7B85F4483ED037FB9102C9E722A19BE4AFBCE9E33E1D11C19220362B9B546B710873566B3B74054DCBC36014445679FD6CAA9D0F296FE82DCE5E"
"OODEFRAG15.00.00.01PROFESSIONAL"="EF35BF2746E65BBF4281A91A8862ECA93A59D42DFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98085D575E7D6A3B98089DB7CE019D40AA5CBA7FD869164D67948A3893FC13E07F0803E459B981BBAEACB4CFEBFB662D75888F62759E2A1FBDE33D9F5D167287E2F42628CBE3D2E8261F3DC0FC1741EDE43C26F769E0608DA476A052B63995BF7432CA08FE897547160C33D46277F788FC5D37D370B183EA95DCB3F0D65844D6E64586E868E856B57F8FDF5071C33C8AAB425FB9DDC0A81B8AC688E22D4C1622E253806FB222B19855EB9FBAAF858F0C54665234361D38027407C852DACFF976852BF589BC391C578285E460DAA9CC22CBE4D590B0BFEE8AB3922D2CB502322F5C3AB6639915FB5DE2E3B553DE821D6C5C02C4DEB9035DA2A18707A24666D3AAED9627F290050C1A49B5A865E244820AC4230CF472A3693A8823B8ADCA64C8CBB175BE6D1938D902F84BED2F3D894E9FB55030EAAFC54B482748B8063447CD7891B58ACEE3C2CA0C2B99C58D78CD2956D53AC49F796E8FC531FD142AA9BEF59CEFD52CD6531D13B48CB9841F55F4905BBFB1F5328B8997314CEEE85C03DD27A5207954867DA4BE7B4067144A4643D1DD002C020AD8E4178B146AEA22CE1C9A07EA694F272D18ACE25906F13674E013141BC33A4F82B1175A98E26146CC55DEB70B90F6C3619C8EF3E197AFCE3A5DC9350436056EE408F4A8DB70A6D7F4C9D3B1B0FE3C2B4CBBEC3955467144A62943FEA7E55D1A89E16102D54C2CA6EF1AB1F200E823EFD25FA043A6DF728AFE191E32E158D045321D61786F57F24A1BD000001226446812D9D925BAD3FDDAB767509285B782AB537CCC230A12131E87561E5E71B2CB3258DF1BF66837F5B080B19E685951A8C79526D01B7824B83D7A7CBC1820AF7A2BA5093A53FE4450CBB578270216190D5D54A46FFC7F5A220DEDF4E23D0F5E2375B2D0635CBFD695AF6C21D82F6BA10D6F23E67AEB5C2223B190D8E8DE2928AF7A691994B2DC6FE226EAF6F744F8289C48423F1E0DBD8DA115C3A2FD15C9999C63E826A07F82346A3BADA41B1AD6084175ADE2558946D49AE69AB1237A3FE077200320AEEECC6D703E64BCAF8E0FC4954790ECF00F8DD29C97E0C92EAC4FD3E7E33E13B92FCA874FC3F136F3809D82C653CADC954F9D06CBDF939149CFB2E8A4A5D5EF0F758414F3246D677C54768D19F172133D0176115DB664157188133CF8A1B60A53F870C75EFA24113174FE52E0C1CE58B35C89BB1FDCB743F803120EC655061BFB74FD7BA6A71451CC4D91638922DC551920C0EF6E52A9EF85ED43C2028497BED4A78B2CF2507130E04EFB7491B9CD97640DF3BC3FDF845211FA2FE1B2B6F7F5FB57707A82DBA395CFEC00E28A710414"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-12-25 11:45:53
ComboFix-quarantined-files.txt 2012-12-25 10:45
.
Před spuštěním: Volných bajtů: 218 275 319 808
Po spuštění: Volných bajtů: 217 885 302 784
.
- - End Of File - - 255A51354B13F5489B4339A8F9C59D88

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

RegLock::
[HKEY_USERS\S-1-5-21-1264491186-2845159299-2406595300-1001_Classes\Wow6432Node\CLSID\{7ad14332-be81-445c-9a77-8113cab33200}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

RegNull::
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]

ClearJavaCache::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

ComboFix 12-12-25.01 - Petr 26.12.2012 6:31.2.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.16364.14162 [GMT 1:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petr\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-26 do 2012-12-26 )))))))))))))))))))))))))))))))
.
.
2012-12-25 07:50 . 2012-12-25 07:50 -------- d-----w- C:\_OTL
2012-12-24 10:44 . 2012-12-24 10:44 512 ----a-w- C:\PhysicalMBR.bin
2012-12-22 11:04 . 2012-12-22 11:04 -------- d-----w- c:\program files (x86)\Common Files\Comodo
2012-12-22 11:04 . 2012-12-22 11:04 -------- d-----w- c:\programdata\CPA_VA
2012-12-21 19:11 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 19:11 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 19:11 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-21 19:11 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 18:32 . 2012-12-25 07:44 -------- d-----w- c:\program files (x86)\Steam
2012-12-21 18:02 . 2012-12-21 18:10 -------- d-----w- c:\users\Petr\AppData\Roaming\dvdcss
2012-12-19 07:01 . 2012-12-19 07:01 -------- d-----w- c:\users\Petr\AppData\Roaming\TeamViewer
2012-12-15 18:21 . 2012-12-15 18:21 -------- d-----w- c:\users\Petr\AppData\Roaming\Stellarium
2012-12-15 18:20 . 2012-12-15 18:20 -------- d-----w- c:\program files (x86)\Stellarium
2012-12-13 16:37 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-13 16:37 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-13 16:32 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-12-12 16:15 . 2012-12-12 19:36 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2012-12-09 11:39 . 2012-12-25 15:51 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-12-09 07:19 . 2012-12-09 07:19 -------- d-----w- c:\users\Petr\AppData\Local\PunkBuster
2012-12-09 07:19 . 2012-12-09 07:19 -------- d-----w- c:\programdata\Orbit
2012-12-09 07:08 . 2012-12-22 11:39 -------- d-----w- c:\program files (x86)\Far Cry 3
2012-12-07 18:26 . 2012-12-07 18:26 -------- d-sh--w- c:\windows\ftpcache
2012-12-04 08:41 . 2012-12-04 08:41 37976 ----a-w- c:\windows\SysWow64\drivers\CFRMD.sys
2012-12-02 15:17 . 2012-12-02 15:17 -------- d-----w- c:\users\Petr\AppData\Local\MediaShow
2012-12-02 14:31 . 2012-12-02 14:31 -------- d-----w- c:\users\Petr\AppData\Roaming\DivX
2012-12-02 13:47 . 2012-12-02 13:47 -------- d-----w- c:\users\Petr\AppData\Local\Power2Go8
2012-12-02 13:41 . 2011-12-26 20:37 90608 ----a-w- c:\windows\system32\drivers\CLVirtualDrive.sys
2012-12-02 13:41 . 2012-12-02 13:41 -------- d-----w- c:\program files (x86)\Common Files\CyberLink
2012-12-02 13:39 . 2012-12-02 13:39 -------- d-----w- c:\program files (x86)\DivX
2012-12-02 13:37 . 2012-02-02 16:28 377840 ----a-w- c:\windows\system32\drivers\CLBUDF.sys
2012-12-02 13:37 . 2012-02-02 16:28 24560 ----a-w- c:\windows\system32\drivers\CLBStor.sys
2012-12-01 18:29 . 2012-12-09 07:02 -------- d-----w- c:\users\Petr\AppData\Roaming\CyberLink
2012-12-01 18:21 . 2012-12-01 18:21 -------- d-----w- c:\programdata\PDVD
2012-12-01 18:21 . 2012-12-01 18:21 -------- d-----w- c:\users\Petr\AppData\Local\MediaServer
2012-12-01 18:20 . 2012-12-02 13:45 -------- d-----w- c:\programdata\install_clap
2012-12-01 15:40 . 2012-12-01 15:40 -------- d-----w- c:\users\Petr\AppData\Roaming\Corel
2012-12-01 15:40 . 2012-12-01 15:40 -------- d-----w- c:\programdata\Protexis
2012-12-01 15:39 . 2012-12-01 15:39 -------- d-----w- c:\program files (x86)\Common Files\Protexis
2012-12-01 15:39 . 2012-12-01 15:59 -------- d-----w- c:\programdata\Corel
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-25 15:51 . 2011-12-16 17:50 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-12-25 15:43 . 2011-12-16 17:50 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-12-13 20:01 . 2011-12-11 07:56 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-12 19:05 . 2012-04-02 05:31 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-12 19:05 . 2011-11-03 22:44 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-11 17:11 . 2012-10-16 13:13 99912 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-12-11 17:11 . 2012-10-16 13:13 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-12-09 07:20 . 2011-12-16 17:50 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-12-04 08:41 . 2012-12-04 08:41 37976 ----a-w- c:\windows\inf\CFRMD\cfrmd.sys
2012-12-01 17:34 . 2012-02-16 11:08 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2012-12-01 17:34 . 2009-05-21 19:21 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-11-07 23:38 . 2011-12-19 17:59 94288 ----a-w- c:\windows\system32\drivers\inspect.sys
2012-11-07 23:38 . 2011-12-19 17:59 38144 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-11-07 23:37 . 2011-12-19 17:59 584056 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-11-07 23:37 . 2011-12-19 17:59 22736 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-11-07 23:37 . 2011-12-19 17:58 41240 ----a-w- c:\windows\system32\cmdcsr.dll
2012-11-07 23:37 . 2011-12-19 17:58 301264 ------w- c:\windows\SysWow64\guard32.dll
2012-11-07 23:37 . 2011-12-19 17:58 390392 ----a-w- c:\windows\system32\guard64.dll
2012-10-25 17:13 . 2012-10-25 17:13 289768 ----a-w- c:\windows\system32\javaws.exe
2012-10-25 17:13 . 2012-10-25 17:13 189416 ----a-w- c:\windows\system32\javaw.exe
2012-10-25 17:13 . 2012-10-25 17:13 188904 ----a-w- c:\windows\system32\java.exe
2012-10-25 17:13 . 2012-10-25 17:13 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-10-25 17:13 . 2012-10-07 08:54 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-25 17:13 . 2012-10-07 08:54 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-25 02:12 . 2012-10-25 02:12 94208 ------w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ------w- c:\windows\SysWow64\QuickTime.qts
2012-10-16 08:38 . 2012-11-28 09:26 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 09:26 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 09:26 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-15 15:33 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-15 15:33 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-15 15:33 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-15 15:33 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 16:40 . 2012-12-13 16:27 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-15 15:33 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-15 15:33 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-15 15:33 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-15 15:33 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-15 15:33 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-15 15:33 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-15 15:33 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-15 15:33 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-15 15:33 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-15 15:33 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-15 15:33 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DU Meter"="c:\program files (x86)\DU Meter\DUMeter.exe" [2009-03-13 1216931]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP KEYBOARDx"="c:\program files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE" [2010-02-11 710656]
"BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992]
"LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-04 385024]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-11 384800]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"InstantBurn"="c:\progra~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe" [2012-02-02 701736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
Start GeekBuddy.lnk - c:\program files (x86)\Comodo\GeekBuddy\launcher.exe [2012-11-1 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"wave9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
@="Service"
.
R1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys [x]
R2 CLBUDFbk;CyberLink InstantBurn UDF Filesystem; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R3 appliand;Applian Network Service;c:\windows\system32\DRIVERS\appliand.sys [2010-06-24 33888]
R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:\windows\system32\DRIVERS\AVerPola.sys [2011-01-04 534144]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 OxPPort;OxPPort;c:\windows\system32\drivers\OxPPort.sys [2008-07-31 98304]
R3 OxSer;OxSer;c:\windows\system32\drivers\OxSer.sys [2009-09-16 98352]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [2011-11-03 31152]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [2010-07-01 224488]
R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [2010-07-01 39016]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-07 1255736]
R3 X86BDA;OEM Capture;c:\windows\system32\DRIVERS\OEMDrv.sys [2011-06-08 268416]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2012-02-12 132704]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-09-24 27800]
S1 CLBStor;InstantBurn Storage Helper Driver;c:\windows\system32\DRIVERS\CLBStor.sys [2012-02-02 24560]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-26 90608]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-11-07 584056]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2012-11-07 38144]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-05 271424]
S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2008-12-09 23464]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-11 85280]
S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-03-22 87928]
S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\Comodo\launcher_service.exe [2012-11-01 70352]
S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-03-22 75640]
S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-03-22 296824]
S2 DUMeterSvc;DU Meter Service;c:\program files (x86)\DU Meter\DUMeterSvc.exe [2009-03-13 552052]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-06-09 264008]
S2 GeekBuddyRSP;GeekBuddy Remote Screen Protocol;c:\program files (x86)\Common Files\Comodo\GeekBuddyRSP.exe [2012-10-31 1467088]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 ioloSystemService;iolo System Service;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2012-01-06 722616]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
S2 KMService;KMService;c:\windows\system32\srvany.exe [x]
S2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2011-10-27 82928]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-06-29 3246920]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-05-05 1128952]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-03-30 378472]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 appliandMP;appliandMP;c:\windows\system32\DRIVERS\appliand.sys [2010-06-24 33888]
S3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver;c:\program files (x86)\DU Meter\DUMETR64.SYS [2011-01-14 19088]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys [2011-04-21 131656]
S3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys [2011-04-21 399944]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-06-10 1128448]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 9577680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Doplňkový sken -------
.
uStart Page =
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL =
mStart Page =
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-Windows Searchqu Toolbar - c:\program files (x86)\Windows Searchqu Toolbar\uninstall.exe
AddRemove-{1AA94747-3BF6-4237-9E1A-7B3067738FE1} - c:\program files (x86)\InstallShield Installation Information\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}\setup.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\DUMeterSvc]
"ImagePath"="c:\program files (x86)\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1264491186-2845159299-2406595300-1001_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):37,2a,b9,cc,4c,47,a7,f8,11,18,ea,97,e7,61,b6,64,82,db,4d,d9,55,
a7,8a,5f,e0,64,ad,fc,2b,f0,da,4a,0f,02,9c,c6,72,00,24,df,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG14.00.00.01PROFESSIONAL"="8FC21CC2D5EEACA21E8FD898EC36417DCA53CCBD4BD842DD0BA91DD3442370A27275719245AC74034601FE8AF3E633073675B1426D7E414612205A9B8500D6F39F85F10E9FD6DA47F4C77031179F83A3E6D7A810B43A761F887C3D5633C0FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98085D575E7D6A3B98089DB7CE019D40AA5CBA7FD869164D6794EF4AA2919A166F085F07A4EC48137DFD12631180F8D84DB08950C693AEDA98A6B5F84A07EC1269F4253FC8593219A8AF3E90237AF7AA2FA388818DEEC5EB70E30B413DC94E00ABA8305A2969AE733AF746C1D41220F3DCA30839354FDAD8A91634FB15AAEBFD7EEEBD441F2CAEE50A7002986335CDBA5EB793ED799D55101E4F171431AE537D2C082CFD4B640E08F225E7C94D81C3DB435A5EA85DF5FE502D974009329077C382A6811A108806C45617961FD6CB268618F73F88A52886AF36695CEC7F3DB1EB54F463431542395917BCCE74899AFD3F75F4ADC05AB8FD169F34C0E8C2553CE2790E1FB3C471AB591C7DF3BCB0A9B95C70A54A16C8E15DC153DA62366930B6E9CB80A33CCE2745ABD137907C5CE9AB8B29D35462820F7CC13F345DA52755241729520641262BD28BA73A51CC61FC86CABD3F3496DDDF1CFB540BEF1A7184EBD5F57B7DBB82F60486914C865AD7BAE6EED2987132F12B5C29081EFC0A022D5A611766E4B65F3AED0107A625681B30C69F92853CCD9D7746D5D5228B0357F59D4EF8743E53F9D6093083F5464ACA9B8AD7A9A1E491028141E238BCC6A134384A7F88F82CC5D7E3319F855B276ACCEF766947F862BB823B1E04340A7D1A1D81D6AF393DF6D6BD2AA62D136B28C5C8D6B2752110CD21C8C70FC3CD9722B4DD931F6E82FB8AE0B82A8F8DB2AE4FEDA9A9CE756F5AE426430029FD0E69CBCA8463639BDDE476D69616F1C5EF244308A1F83B356FC38AC4A2EFE6E38375B64EE19B45EC4A1DEEBAEB543B32DA3BD24CA2874DD36129C38C5B5928F9C0A83FBF0D17CD6D4ABC4B268E7E3D8007D8EE0966CD3EC40ADCBA9EA7302E1859606BB7DF6A66F9E4CE88459AE3A9338B57AA9F6877AB50B0A53E32039D216C68EFDE6279DA61C424D446D6EE861B2104034105E863171324BCBE10B0FC88778A9FE67DBA5FEE52974047B12E9D0D76901C0E43ECA5E57B34D05218B4DE540EE229705DCAA7A8FD51FB743CC0945F30555992F53B0562CE3582B43DD708D6D8953B11E793940A76E7E2D973CF87D722F8E2F34F61FCB7A38069C08327724653CC797D99423CF03BF644A667CCCA1EF228D47A15ADBD7865728F7B85F4483ED037FB9102C9E722A19BE4AFBCE9E33E1D11C19220362B9B546B710873566B3B74054DCBC36014445679FD6CAA9D0F296FE82DCE5E"
"OODEFRAG15.00.00.01PROFESSIONAL"="EF35BF2746E65BBF4281A91A8862ECA93A59D42DFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98085D575E7D6A3B98089DB7CE019D40AA5CBA7FD869164D67948A3893FC13E07F0803E459B981BBAEACB4CFEBFB662D75888F62759E2A1FBDE33D9F5D167287E2F42628CBE3D2E8261F3DC0FC1741EDE43C26F769E0608DA476A052B63995BF7432CA08FE897547160C33D46277F788FC5D37D370B183EA95DCB3F0D65844D6E64586E868E856B57F8FDF5071C33C8AAB425FB9DDC0A81B8AC688E22D4C1622E253806FB222B19855EB9FBAAF858F0C54665234361D38027407C852DACFF976852BF589BC391C578285E460DAA9CC22CBE4D590B0BFEE8AB3922D2CB502322F5C3AB6639915FB5DE2E3B553DE821D6C5C02C4DEB9035DA2A18707A24666D3AAED9627F290050C1A49B5A865E244820AC4230CF472A3693A8823B8ADCA64C8CBB175BE6D1938D902F84BED2F3D894E9FB55030EAAFC54B482748B8063447CD7891B58ACEE3C2CA0C2B99C58D78CD2956D53AC49F796E8FC531FD142AA9BEF59CEFD52CD6531D13B48CB9841F55F4905BBFB1F5328B8997314CEEE85C03DD27A5207954867DA4BE7B4067144A4643D1DD002C020AD8E4178B146AEA22CE1C9A07EA694F272D18ACE25906F13674E013141BC33A4F82B1175A98E26146CC55DEB70B90F6C3619C8EF3E197AFCE3A5DC9350436056EE408F4A8DB70A6D7F4C9D3B1B0FE3C2B4CBBEC3955467144A62943FEA7E55D1A89E16102D54C2CA6EF1AB1F200E823EFD25FA043A6DF728AFE191E32E158D045321D61786F57F24A1BD000001226446812D9D925BAD3FDDAB767509285B782AB537CCC230A12131E87561E5E71B2CB3258DF1BF66837F5B080B19E685951A8C79526D01B7824B83D7A7CBC1820AF7A2BA5093A53FE4450CBB578270216190D5D54A46FFC7F5A220DEDF4E23D0F5E2375B2D0635CBFD695AF6C21D82F6BA10D6F23E67AEB5C2223B190D8E8DE2928AF7A691994B2DC6FE226EAF6F744F8289C48423F1E0DBD8DA115C3A2FD15C9999C63E826A07F82346A3BADA41B1AD6084175ADE2558946D49AE69AB1237A3FE077200320AEEECC6D703E64BCAF8E0FC4954790ECF00F8DD29C97E0C92EAC4FD3E7E33E13B92FCA874FC3F136F3809D82C653CADC954F9D06CBDF939149CFB2E8A4A5D5EF0F758414F3246D677C54768D19F172133D0176115DB664157188133CF8A1B60A53F870C75EFA24113174FE52E0C1CE58B35C89BB1FDCB743F803120EC655061BFB74FD7BA6A71451CC4D91638922DC551920C0EF6E52A9EF85ED43C2028497BED4A78B2CF2507130E04EFB7491B9CD97640DF3BC3FDF845211FA2FE1B2B6F7F5FB57707A82DBA395CFEC00E28A710414"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\srvany.exe
c:\windows\KMService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Cyberlink\Shared files\RichVideo.exe
c:\progra~2\DUMETE~1\DUMeter.exe
c:\program files (x86)\DAEMON Tools Pro\DTShellHlp.exe
c:\program files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2012-12-26 06:40:43 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-12-26 05:40
ComboFix2.txt 2012-12-25 10:45
.
Před spuštěním: Volných bajtů: 218 435 936 256
Po spuštění: Volných bajtů: 217 968 459 776
.
- - End Of File - - 9E9B90E95FD9EAF35E7FAF733CB826EC

Fajn, jak se chova PC

vše ok

Tak jeste uklidime

Odinstalujte Combofix

Prejmenujte ComboFix na Uninstall
Spustte jej
Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel èistiè

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

VIRY.CZ

Prosím o preventivní kontrolu

Prosím o preventivní kontrolu

Re: Prosím o preventivní kontrolu

Re: Prosím o preventivní kontrolu

Re: Prosím o preventivní kontrolu

Re: Prosím o preventivní kontrolu

Re: Prosím o preventivní kontrolu

Re: Prosím o preventivní kontrolu

Re: Prosím o preventivní kontrolu

Re: Prosím o preventivní kontrolu

Re: Prosím o preventivní kontrolu

Re: Prosím o preventivní kontrolu

Re: Prosím o preventivní kontrolu

Re: Prosím o preventivní kontrolu

Re: Prosím o preventivní kontrolu

Re: Prosím o preventivní kontrolu