Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Win32/FastSaveApp a Hack Tool/win32 Keygen

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
pego
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 28 bře 2007 13:56

Win32/FastSaveApp a Hack Tool/win32 Keygen

#1 Příspěvek od pego »

Dobrý den,
moc prosím o radu, už 2 dni trávím nad různými návody jek se zbavit HackTool:Win32/Keygen a Win32/FastSaveApp :( který mi hlásí Windows Defender a nedokáže odstranit. Log dle Vašeho návodu nemůžu vložit, hlásí to víc znaků než je povoleno...mám z něj něco smazat? :oops: Jo a mám Windows 8
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#2 Příspěvek od vyosek »

Zdravim :)

Tak jakou nelegalni hru nebo SW jste stahoval ze na ni potrebujete crack nebo keygen :?:

:arrow: Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222
  • Provedte aktualizaci
  • Provedte uplny sken - nic nemazte :!:
  • MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
pego
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 28 bře 2007 13:56

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#3 Příspěvek od pego »

Díky za odpověď,
potřeboval jsem udělat nějaké video :oops:
posílám log a moc děkuji :)

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.03.17.07

Windows 8 x86 NTFS
Internet Explorer 10.0.9200.16519
Petr :: PETR [administrátor]

17. 3. 2013 15:29:17
MBAM-log-2013-03-17 (16-45-53).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 429997
Uplynulý čas: 1 hodin, 14 minut, 7 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 10
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Špatný: (http://search.certified-toolbar.com/?si ... e&tid=2938) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com/) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Špatný: (http://search.certified-toolbar.com?si= ... e&tid=2938) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com/) -> Nebyla provedena žádná instrukce.

Nalezené složky: 1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search (PUP.ProtectedSearch) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search\Protected Search Settings.lnk (PUP.ProtectedSearch) -> Nebyla provedena žádná instrukce.

(konec)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#4 Příspěvek od vyosek »

Dovolim si otazku, ma cenu lecit PC, ktere si uzivatel s prominutim zaliska hned vlastni blbosti zpatky diky crackum\keygenum a podobnym "dobrotami" :?: :twisted: Nehlede na porusovani autorskeho zakona :?:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
pego
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 28 bře 2007 13:56

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#5 Příspěvek od pego »

jj souhlas, ale nebyl jsem to já ale má drahá dceruška :twisted:
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#6 Příspěvek od vyosek »

Nalezy MBAMu smazte, objevi se log, ten rad uvidim
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
pego
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 28 bře 2007 13:56

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#7 Příspěvek od pego »

Díky,
posílám log :)

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.03.17.07

Windows 8 x86 NTFS
Internet Explorer 10.0.9200.16519
Petr :: PETR [administrátor]

17. 3. 2013 15:29:17
mbam-log-2013-03-17 (15-29-17).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 429997
Uplynulý čas: 1 hodin, 14 minut, 7 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 10
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Špatný: (http://search.certified-toolbar.com/?si ... e&tid=2938) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com/) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Špatný: (http://search.certified-toolbar.com?si= ... e&tid=2938) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com/) -> Přesun do karantény a opravení se zdařilo.

Nalezené složky: 1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search (PUP.ProtectedSearch) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search\Protected Search Settings.lnk (PUP.ProtectedSearch) -> Nebyla provedena žádná instrukce.

(konec)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#8 Příspěvek od vyosek »

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Prohledat
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
pego
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 28 bře 2007 13:56

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#9 Příspěvek od pego »

Zdravím, vkládám log a děkuji :)

# AdwCleaner v2.115 - Log vytvooen 18/03/2013 v 08:40:21
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows 8 Pro (32 bits)
# Uživatel : Petr - PETR
# Spuštin systém : Normální
# Spuštino z : C:\Users\Petr\Desktop\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****

Nalezeno : Application Updater

***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files\Application Updater
Složka Nalezeno : C:\Program Files\Common Files\spigot
Složka Nalezeno : C:\Program Files\pdfforge Toolbar
Složka Nalezeno : C:\Program Files\Protected Search
Složka Nalezeno : C:\Program Files\Red Sky
Složka Nalezeno : C:\Program Files\SweetIM
Složka Nalezeno : C:\ProgramData\InstallMate
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
Složka Nalezeno : C:\ProgramData\SoftSafe
Složka Nalezeno : C:\Users\Petr\AppData\Local\DownTango
Složka Nalezeno : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Složka Nalezeno : C:\Users\Petr\AppData\LocalLow\pdfforge
Složka Nalezeno : C:\Users\Petr\AppData\LocalLow\Search Settings
Složka Nalezeno : C:\Users\Petr\AppData\LocalLow\SweetIM
Složka Nalezeno : C:\Users\Petr\AppData\Roaming\NCdownloader
Složka Nalezeno : C:\WINDOWS\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Soubor Nalezeno : C:\END

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\pdfforge
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Search Settings
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\pdfforge
Klíe Nalezeno : HKCU\Software\ProtectedSearch
Klíe Nalezeno : HKCU\Software\Search Settings
Klíe Nalezeno : HKCU\Software\Softonic
Klíe Nalezeno : HKLM\Software\Application Updater
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Klíe Nalezeno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Klíe Nalezeno : HKLM\Software\pdfforge
Klíe Nalezeno : HKLM\Software\Search Settings
Klíe Nalezeno : HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16519

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938

-\\ Mozilla Firefox v16.0.2 (cs)

Soubor : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\ehf7g86j.default\prefs.js

Nalezeno : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com/?si=41460&home=true&tid=2[...]
Nalezeno : user_pref("extensions.512f66845d7c4.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]

-\\ Google Chrome v25.0.1364.172

Soubor : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [10939 octets] - [18/03/2013 08:40:21]

########## EOF - C:\AdwCleaner[R1].txt - [11000 octets] ##########
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#10 Příspěvek od vyosek »

:arrow: Spustte znovu AdwCleaner
  • Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
  • Kliknete na Smazat
  • PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
pego
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 28 bře 2007 13:56

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#11 Příspěvek od pego »

# AdwCleaner v2.115 - Log vytvooen 18/03/2013 v 08:57:05
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows 8 Pro (32 bits)
# Uživatel : Petr - PETR
# Spuštin systém : Normální
# Spuštino z : C:\Users\Petr\Desktop\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****

Zastaveno & vymazáno : Application Updater

***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files\Application Updater
Složka Vymazáno : C:\Program Files\Common Files\spigot
Složka Vymazáno : C:\Program Files\pdfforge Toolbar
Složka Vymazáno : C:\Program Files\Protected Search
Složka Vymazáno : C:\Program Files\Red Sky
Složka Vymazáno : C:\Program Files\SweetIM
Složka Vymazáno : C:\ProgramData\InstallMate
Složka Vymazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
Složka Vymazáno : C:\ProgramData\SoftSafe
Složka Vymazáno : C:\Users\Petr\AppData\Local\DownTango
Složka Vymazáno : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Složka Vymazáno : C:\Users\Petr\AppData\LocalLow\pdfforge
Složka Vymazáno : C:\Users\Petr\AppData\LocalLow\Search Settings
Složka Vymazáno : C:\Users\Petr\AppData\LocalLow\SweetIM
Složka Vymazáno : C:\Users\Petr\AppData\Roaming\NCdownloader
Složka Vymazáno : C:\WINDOWS\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Soubor Vymazáno : C:\END

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\pdfforge
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\Search Settings
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\pdfforge
Klíe Vymazáno : HKCU\Software\ProtectedSearch
Klíe Vymazáno : HKCU\Software\Search Settings
Klíe Vymazáno : HKCU\Software\Softonic
Klíe Vymazáno : HKLM\Software\Application Updater
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Klíe Vymazáno : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Klíe Vymazáno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Klíe Vymazáno : HKLM\Software\pdfforge
Klíe Vymazáno : HKLM\Software\Search Settings

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16519

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938 --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938 --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938 --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938 --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938 --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938 --> hxxp://www.google.com

-\\ Mozilla Firefox v16.0.2 (cs)

Soubor : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\ehf7g86j.default\prefs.js

Vymazáno : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com/?si=41460&home=true&tid=2[...]
Vymazáno : user_pref("extensions.512f66845d7c4.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]

-\\ Google Chrome v25.0.1364.172

Soubor : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [11070 octets] - [18/03/2013 08:40:21]
AdwCleaner[S1].txt - [11223 octets] - [18/03/2013 08:57:05]

########## EOF - C:\AdwCleaner[S1].txt - [11284 octets] ##########
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#12 Příspěvek od vyosek »

:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
  • Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
pego
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 28 bře 2007 13:56

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#13 Příspěvek od pego »

d. M. yyyy

2,94 Gb Total Physical Memory | 1,63 Gb Available Physical Memory | 55,55% Memory free
4,37 Gb Paging File | 2,01 Gb Available in Paging File | 46,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 178,50 Gb Total Space | 128,31 Gb Free Space | 71,88% Space Free | Partition Type: NTFS

Computer Name: PETR | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013/03/18 17:15:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
PRC - [2013/03/06 08:49:43 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\java.exe
PRC - [2013/03/06 08:49:43 | 000,040,352 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jp2launcher.exe
PRC - [2012/12/18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/06 05:20:42 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhostex.exe
PRC - [2012/10/27 16:25:06 | 000,121,760 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x86__8wekyb3d8bbwe\LiveComm.exe
PRC - [2012/10/18 22:52:34 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/10/11 06:56:41 | 002,115,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012/10/02 20:29:14 | 000,864,616 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012/10/02 20:28:55 | 001,820,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012/09/20 06:55:29 | 000,333,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WWAHost.exe
PRC - [2012/07/26 04:30:33 | 000,013,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2012/07/26 04:30:19 | 000,029,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RuntimeBroker.exe
PRC - [2012/07/26 04:20:44 | 000,300,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/07/26 04:20:44 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dasHost.exe
PRC - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2006/12/04 09:51:30 | 004,103,168 | ---- | M] () -- C:\Program Files\Qlock\qlock.exe


========== Modules (No Company Name) ==========

MOD - [2013/03/11 01:22:06 | 000,459,728 | ---- | M] () -- C:\Users\Petr\AppData\Local\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
MOD - [2013/03/11 01:22:05 | 012,662,224 | ---- | M] () -- C:\Users\Petr\AppData\Local\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
MOD - [2013/03/11 01:22:04 | 004,050,896 | ---- | M] () -- C:\Users\Petr\AppData\Local\Google\Chrome\Application\25.0.1364.172\pdf.dll
MOD - [2013/03/11 01:21:18 | 000,596,944 | ---- | M] () -- C:\Users\Petr\AppData\Local\Google\Chrome\Application\25.0.1364.172\libglesv2.dll
MOD - [2013/03/11 01:21:18 | 000,124,368 | ---- | M] () -- C:\Users\Petr\AppData\Local\Google\Chrome\Application\25.0.1364.172\libegl.dll
MOD - [2013/03/11 01:21:16 | 001,552,848 | ---- | M] () -- C:\Users\Petr\AppData\Local\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll
MOD - [2013/03/06 08:49:43 | 000,016,288 | ---- | M] () -- C:\Program Files\Java\jre7\bin\jp2native.dll
MOD - [2012/10/27 16:25:25 | 000,146,336 | ---- | M] () -- C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x86__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
MOD - [2006/12/04 09:51:30 | 004,103,168 | ---- | M] () -- C:\Program Files\Qlock\qlock.exe


========== Services (SafeList) ==========
Nahoru
pego
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 28 bře 2007 13:56

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#14 Příspěvek od pego »

SRV - [2013/02/02 09:39:33 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2013/01/10 00:26:37 | 001,532,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc)
SRV - [2013/01/10 00:26:01 | 000,349,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM)
SRV - [2012/12/18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/06 05:23:01 | 000,114,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBroker)
SRV - [2012/12/06 05:22:59 | 000,117,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV - [2012/11/06 05:54:13 | 002,205,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/11/06 05:18:36 | 000,136,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2012/10/24 18:49:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/18 22:52:34 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/09/20 07:32:32 | 002,151,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WSService.dll -- (WSService)
SRV - [2012/09/20 06:53:51 | 000,095,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\fhsvc.dll -- (fhsvc)
SRV - [2012/09/20 06:53:35 | 000,142,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure)
SRV - [2012/07/26 04:30:33 | 000,013,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2012/07/26 04:20:19 | 000,051,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc)
SRV - [2012/07/26 04:20:13 | 000,226,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc)
SRV - [2012/07/26 04:20:11 | 000,192,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc)
SRV - [2012/07/26 04:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2012/07/26 04:20:04 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc)
SRV - [2012/07/26 04:19:54 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2012/07/26 04:19:40 | 002,028,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2012/07/26 04:19:21 | 000,138,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc)
SRV - [2012/07/26 04:19:21 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2012/07/26 04:18:47 | 000,043,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2012/07/26 04:18:24 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS)
SRV - [2012/07/26 04:18:18 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc)
SRV - [2012/07/26 04:18:13 | 000,261,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\das.dll -- (DeviceAssociationService)
SRV - [2012/07/26 04:17:58 | 000,109,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV - [2012/07/26 01:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat)
SRV - [2012/07/26 01:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvss)
SRV - [2012/07/26 01:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync)
SRV - [2012/07/26 01:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown)
SRV - [2012/07/26 01:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicrdv)
SRV - [2012/07/26 01:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


========== Driver Services (SafeList) ==========

DRV - [2013/02/07 02:49:00 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\pdc.sys -- (pdc)
DRV - [2013/02/02 10:00:11 | 000,361,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV - [2013/02/02 08:31:49 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV - [2013/01/10 02:07:00 | 000,024,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV - [2012/11/27 04:53:14 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthhfHid.sys -- (bthhfhid)
DRV - [2012/11/20 05:56:58 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hidi2c.sys -- (hidi2c)
DRV - [2012/11/06 04:52:56 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\fxppm.sys -- (FxPPM)
DRV - [2012/10/19 03:52:32 | 000,022,432 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Dot4Prt.sys -- (Dot4Print)
DRV - [2012/10/19 03:52:30 | 000,137,632 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Dot4.sys -- (dot4)
DRV - [2012/10/18 22:52:18 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/10/12 08:12:33 | 000,023,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/10/11 06:45:31 | 000,050,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\dam.sys -- (dam)
DRV - [2012/10/11 06:28:23 | 000,046,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\sdstor.sys -- (sdstor)
DRV - [2012/09/20 08:09:32 | 000,031,464 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\cnghwassist.sys -- (cnghwassist)
DRV - [2012/09/20 07:34:12 | 000,268,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV - [2012/09/20 07:34:10 | 000,179,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\UCX01000.SYS -- (UCX01000)
DRV - [2012/09/20 07:34:07 | 000,097,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV - [2012/09/20 07:30:10 | 000,121,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\tpm.sys -- (TPM)
DRV - [2012/07/26 05:17:18 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\condrv.sys -- (condrv)
DRV - [2012/07/26 04:48:44 | 000,058,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\acpiex.sys -- (acpiex)
DRV - [2012/07/26 04:42:33 | 000,068,848 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV - [2012/07/26 04:42:32 | 000,099,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV - [2012/07/26 04:42:32 | 000,070,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorClass.sys -- (EhStorClass)
DRV - [2012/07/26 04:42:31 | 000,085,232 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\3ware.sys -- (3ware)
DRV - [2012/07/26 04:42:19 | 000,285,424 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV - [2012/07/26 04:42:19 | 000,080,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VerifierExt.sys -- (VerifierExt)
DRV - [2012/07/26 04:42:18 | 000,076,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\uaspstor.sys -- (UASPStor)
DRV - [2012/07/26 04:42:18 | 000,066,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storahci.sys -- (storahci)
DRV - [2012/07/26 04:42:15 | 000,238,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\spaceport.sys -- (spaceport)
DRV - [2012/07/26 04:42:15 | 000,059,120 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\mvumis.sys -- (mvumis)
DRV - [2012/07/26 04:40:36 | 000,038,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV - [2012/07/26 04:40:10 | 000,256,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\clfs.sys -- (CLFS)
DRV - [2012/07/26 04:39:55 | 000,029,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\terminpt.sys -- (terminpt)
DRV - [2012/07/26 04:34:01 | 000,199,920 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\WdFilter.sys -- (WdFilter)
DRV - [2012/07/26 04:33:00 | 000,130,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmbus.sys -- (vmbus)
DRV - [2012/07/26 04:33:00 | 000,042,344 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmstorfl.sys -- (storflt)
DRV - [2012/07/26 04:33:00 | 000,032,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storvsc.sys -- (storvsc)
DRV - [2012/07/26 04:30:33 | 000,028,072 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\WdBoot.sys -- (WdBoot)
DRV - [2012/07/26 03:36:54 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV - [2012/07/26 03:36:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mshidumdf.sys -- (mshidumdf)
DRV - [2012/07/26 03:36:36 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\HyperVideo.sys -- (HyperVideo)
DRV - [2012/07/26 03:36:35 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicRender.sys -- (BasicRender)
DRV - [2012/07/26 03:35:30 | 000,006,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vms3cap.sys -- (s3cap)
DRV - [2012/07/26 03:35:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\npsvctrig.sys -- (npsvctrig)
DRV - [2012/07/26 03:35:10 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\kdnic.sys -- (kdnic)
DRV - [2012/07/26 03:35:06 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpitime.sys -- (acpitime)
DRV - [2012/07/26 03:35:04 | 000,009,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vmgencounter.sys -- (gencounter)
DRV - [2012/07/26 03:34:43 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpipagr.sys -- (acpipagr)
DRV - [2012/07/26 03:34:42 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV - [2012/07/26 03:34:22 | 000,018,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2012/07/26 03:34:04 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hyperkbd.sys -- (hyperkbd)
DRV - [2012/07/26 03:33:53 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SerCx.sys -- (SerCx)
DRV - [2012/07/26 03:33:50 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SpbCx.sys -- (SpbCx)
DRV - [2012/07/26 03:33:37 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\winusb.sys -- (WinUsb)
DRV - [2012/07/26 03:33:29 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012/07/26 03:33:16 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV - [2012/07/26 03:32:54 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/07/26 03:32:53 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\dmvsc.sys -- (dmvsc)
DRV - [2012/07/26 03:32:02 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\wpcfltr.sys -- (wpcfltr)
DRV - [2012/07/26 03:31:11 | 000,110,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV - [2012/07/26 03:30:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\mslldp.sys -- (MsLldp)
DRV - [2012/07/26 03:30:39 | 000,084,480 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\Ndu.sys -- (Ndu)
DRV - [2012/07/25 23:49:39 | 000,238,080 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\yk63x86.sys -- (yukonw8)
DRV - [2009/08/10 11:07:32 | 000,089,600 | ---- | M] (Gemalto) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\GemCCID.sys -- (GemCCID)
DRV - [2004/08/13 08:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.certified-toolbar.com?si= ... earchTerms}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs-CZ
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BA B6 1D CA 65 B3 CD 01 [binary data]
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\..\SearchScopes\{5CB0AEA3-8864-4567-8322-CA2086097877}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2934117812-3594515507-1608410286-1004\..\SearchScopes,DefaultScope =

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Petr\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Petr\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/11 16:23:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/11/06 09:30:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\mozilla\Extensions
[2013/03/18 11:32:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\mozilla\Firefox\Profiles\ehf7g86j.default\extensions
[2013/03/10 11:05:42 | 000,000,000 | ---D | M] (Browwsse2saVee) -- C:\Users\Petr\AppData\Roaming\mozilla\Firefox\Profiles\ehf7g86j.default\extensions\ugtt_oln@hx-eaeoij.edu
[2012/11/06 09:29:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/10/25 01:03:24 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012/10/25 01:03:25 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012/10/25 01:03:25 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012/10/25 01:03:25 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012/10/25 01:03:25 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.96\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Petr\AppData\Local\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Petr\AppData\Local\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Browwsse2saVee = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\hchegnhgdgbjleojfheikhidicanjejo\1\
CHR - Extension: Gmail = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: YouTube = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Browwsse2saVee = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\hchegnhgdgbjleojfheikhidicanjejo\1\
CHR - Extension: Gmail = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012/07/26 05:17:20 | 000,000,824 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Browwsse2saVee) - {81983BBA-89B0-E4F0-81DB-5CC786E5A631} - C:\ProgramData\Browwsse2saVee\512f66845d8ad.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [] File not found
O4 - Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qlock.lnk = C:\Program Files\Qlock\qlock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2934117812-3594515507-1608410286-1001\..Trusted Domains: csob.cz ([ib24] https in Důvěryhodné weby)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3DD2F8A1-0273-4EF7-96F3-78DF58B17588}: DhcpNameServer = 192.168.100.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA2AF878-8955-47B4-AA76-631CFB74FEBE}: DhcpNameServer = 192.168.100.254
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /m /P \Device\HarddiskVolume3)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\WINDOWS\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: wlidsvc - C:\Windows\System32\wlidsvc.dll (Microsoft Corporation)
NetSvcs: SystemEventsBroker - C:\Windows\System32\SystemEventsBrokerServer.dll (Microsoft Corporation)
NetSvcs: DsmSvc - C:\Windows\System32\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs: NcaSvc - C:\Windows\System32\NcaSvc.dll (Microsoft Corporation)

Drivers32: msacm.dvacm_vspx5 - c:\Program Files\Corel\Corel VideoStudio Pro X5\Common Files\VIO\DVACM.acm (Corel TW Corp.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013/03/18 17:15:19 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
[2013/03/17 15:24:45 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\Malwarebytes
[2013/03/17 15:23:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/03/17 15:23:42 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/03/17 15:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/03/17 15:21:54 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Local\Programs
[2013/03/16 14:40:55 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013/03/16 14:40:54 | 000,000,000 | ---D | C] -- C:\rsit
[2013/03/14 08:54:22 | 002,877,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript9.dll
[2013/03/14 08:54:18 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2013/03/14 08:54:18 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2013/03/14 08:54:17 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iesysprep.dll
[2013/03/14 08:54:17 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iesetup.dll
[2013/03/14 08:54:17 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2013/03/14 08:54:16 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.tlb
[2013/03/14 08:54:16 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\UXInit.dll
[2013/03/14 08:54:10 | 010,792,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.UI.Xaml.dll
[2013/03/14 08:54:04 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netprofmsvc.dll
[2013/03/14 08:54:04 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ncsi.dll
[2013/03/14 08:54:04 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
[2013/03/14 08:54:03 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WWanAPI.dll
[2013/03/14 08:54:03 | 000,361,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBHUB3.SYS
[2013/03/14 08:54:03 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Windows.Networking.Connectivity.dll
[2013/03/14 08:54:03 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XpsRasterService.dll
[2013/03/14 08:54:02 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlroamextension.dll
[2013/03/14 08:54:02 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\SettingSync.dll
[2013/03/14 08:54:02 | 000,302,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\storport.sys
[2013/03/14 08:54:02 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mbsmsapi.dll
[2013/03/14 08:54:02 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\taskkill.exe
[2013/03/14 08:54:02 | 000,053,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\crashdmp.sys
[2013/03/14 08:54:01 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wpd_ci.dll
[2013/03/14 08:54:01 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys
[2013/03/14 08:54:01 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hotspotauth.dll
[2013/03/14 08:54:01 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tasklist.exe
[2013/03/14 08:54:01 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidclass.sys
[2013/03/14 08:53:58 | 003,394,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2013/03/14 08:53:56 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFMediaEngine.dll
[2013/03/13 15:48:39 | 001,437,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\GdiPlus.dll
[2013/03/13 13:50:32 | 008,856,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\twinui.dll
[2013/03/13 13:50:30 | 002,033,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\authui.dll
[2013/03/13 13:50:29 | 000,058,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pdc.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
Nahoru
pego
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 28 bře 2007 13:56

Re: Win32/FastSaveApp a Hack Tool/win32 Keygen

#15 Příspěvek od pego »

========== Files - Modified Within 7 Days ==========

[2013/03/18 17:21:31 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/03/18 17:15:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
[2013/03/18 17:13:25 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/03/18 11:30:29 | 000,726,246 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013/03/18 11:30:29 | 000,710,046 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/03/18 11:30:29 | 000,147,800 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013/03/18 11:30:29 | 000,132,416 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/03/18 10:17:00 | 001,064,373 | ---- | M] () -- C:\Users\Petr\Desktop\Titul.str.Ceník 2013 KK -pdf.pdf
[2013/03/18 08:59:59 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/03/18 08:59:57 | 2522,599,424 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/18 08:39:06 | 000,609,993 | ---- | M] () -- C:\Users\Petr\Desktop\adwcleaner.exe
[2013/03/17 15:23:52 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/15 16:03:31 | 000,535,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/18 17:21:31 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/03/18 11:30:01 | 001,064,373 | ---- | C] () -- C:\Users\Petr\Desktop\Titul.str.Ceník 2013 KK -pdf.pdf
[2013/03/18 08:38:54 | 000,609,993 | ---- | C] () -- C:\Users\Petr\Desktop\adwcleaner.exe
[2013/03/17 15:23:52 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/15 16:03:17 | 000,535,976 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/28 15:05:10 | 000,000,310 | ---- | C] () -- C:\WINDOWS\fnerr.dat
[2012/11/24 18:49:24 | 000,000,210 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012/11/13 15:37:22 | 000,000,288 | ---- | C] () -- C:\Users\Petr\AppData\Roaming\.backup.dm
[2012/10/30 19:01:32 | 000,015,432 | ---- | C] () -- C:\WINDOWS\Launcher.exe
[2012/10/28 14:48:43 | 000,007,335 | ---- | C] () -- C:\Users\Petr\kontakty.csv
[2012/10/27 16:05:26 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\OEMLicense.dll
[2012/10/26 17:42:36 | 000,244,777 | ---- | C] () -- C:\WINDOWS\hpwins18.dat
[2012/10/26 17:42:36 | 000,000,616 | ---- | C] () -- C:\WINDOWS\hpwmdl18.dat
[2012/10/26 14:38:35 | 000,000,017 | ---- | C] () -- C:\Users\Petr\AppData\Local\resmon.resmoncfg
[2012/10/19 03:52:30 | 002,907,040 | ---- | C] () -- C:\WINDOWS\System32\PortChanger.exe
[2012/07/26 09:05:42 | 000,726,246 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2012/07/26 09:05:42 | 000,296,594 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2012/07/26 09:05:42 | 000,147,800 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2012/07/26 09:05:42 | 000,038,682 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2012/07/26 07:55:27 | 000,710,046 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2012/07/26 07:55:27 | 000,296,742 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2012/07/26 07:55:27 | 000,132,416 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2012/07/26 07:55:27 | 000,033,362 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2012/07/26 07:53:47 | 000,215,943 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2012/07/26 07:53:46 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2012/07/26 07:03:55 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/07/26 02:20:38 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\BthpanContextHandler.dll
[2012/07/26 02:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\BWContextHandler.dll
[2012/07/25 21:41:36 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012/07/25 21:24:47 | 000,526,068 | ---- | C] () -- C:\WINDOWS\System32\staticurllist.bin
[2012/07/14 03:00:46 | 000,043,882 | ---- | C] () -- C:\WINDOWS\System32\srms.dat
[2012/06/02 21:25:24 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\settings.dat
[2012/06/02 15:31:24 | 001,520,828 | ---- | C] () -- C:\WINDOWS\System32\WpcNBModel.bin
[2012/06/02 15:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

========== ZeroAccess Check ==========

[2012/11/24 18:39:04 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/01/10 00:26:23 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2012/07/26 04:20:13 | 000,354,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/11/17 18:14:28 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\MetaQuotes
[2012/11/25 14:04:46 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Ulead Systems

========== Purity Check ==========



========== Custom Scans ==========

< >
[2012/07/26 07:04:47 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013/02/08 15:31:24 | 000,000,916 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2934117812-3594515507-1608410286-1001Core1ce0608f89457b6.job

< >

< MD5 for: ATAPI.SYS >
[2012/07/26 04:42:31 | 000,022,768 | ---- | M] (Microsoft Corporation) MD5=48D8C3F2006698691F5AE0BB595FDCC8 -- C:\Windows\System32\Drivers\atapi.sys
[2012/07/26 04:42:31 | 000,022,768 | ---- | M] (Microsoft Corporation) MD5=48D8C3F2006698691F5AE0BB595FDCC8 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_79ee6a786812523f\atapi.sys
[2012/07/26 04:42:31 | 000,022,768 | ---- | M] (Microsoft Corporation) MD5=48D8C3F2006698691F5AE0BB595FDCC8 -- C:\Windows\WinSxS\x86_mshdc.inf_31bf3856ad364e35_6.2.9200.16384_none_d9e333faf2f0935d\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2012/07/26 04:20:43 | 000,792,064 | ---- | M] (Microsoft Corporation) MD5=55653D86D712641DB6930FAB64F452FF -- C:\Windows\System32\autochk.exe
[2012/07/26 04:20:43 | 000,792,064 | ---- | M] (Microsoft Corporation) MD5=55653D86D712641DB6930FAB64F452FF -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_de9ef92a9327e7b0\autochk.exe

< MD5 for: CDROM.SYS >
[2012/07/26 03:33:53 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=4E707EC5071DD8F5C29A7410780BD4C3 -- C:\Windows\System32\Drivers\cdrom.sys
[2012/07/26 03:33:53 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=4E707EC5071DD8F5C29A7410780BD4C3 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_a76623cebb64c613\cdrom.sys
[2012/07/26 03:33:53 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=4E707EC5071DD8F5C29A7410780BD4C3 -- C:\Windows\WinSxS\x86_cdrom.inf_31bf3856ad364e35_6.2.9200.16384_none_5c5467c3752e2f0b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2012/10/11 06:53:24 | 002,115,952 | ---- | M] (Microsoft Corporation) MD5=0AD19A3CA61271BA872AD90771BA47DC -- C:\Windows\WinSxS\x86_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_4f1f6140641844bc\explorer.exe
[2012/07/26 04:50:01 | 002,114,936 | ---- | M] (Microsoft Corporation) MD5=5B6ED1B57DBFF18D405A0260559B571E -- C:\Windows\WinSxS\x86_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_4e5fb2f34b233380\explorer.exe
[2012/10/11 06:56:41 | 002,115,952 | ---- | M] (Microsoft Corporation) MD5=953ADECFF08202A01EFC6110214FDE02 -- C:\Windows\explorer.exe
[2012/10/11 06:56:41 | 002,115,952 | ---- | M] (Microsoft Corporation) MD5=953ADECFF08202A01EFC6110214FDE02 -- C:\Windows\WinSxS\x86_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_4e94c42b4afb8b9b\explorer.exe

< MD5 for: HAL.DLL >
[2012/10/24 04:11:52 | 000,319,208 | ---- | M] (Microsoft Corporation) MD5=0EC3C2C84FC95B03ACEDB54ACBB35503 -- C:\Windows\System32\hal.dll
[2012/10/24 04:11:52 | 000,319,208 | ---- | M] (Microsoft Corporation) MD5=0EC3C2C84FC95B03ACEDB54ACBB35503 -- C:\Windows\WinSxS\x86_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16442_none_a7fd3f872af256cb\hal.dll
[2012/09/20 07:45:20 | 000,319,208 | ---- | M] (Microsoft Corporation) MD5=3109E287FC752781653DD002B1651BD4 -- C:\Windows\WinSxS\x86_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.20521_none_a89b7be04400a55c\hal.dll
[2012/07/26 05:17:18 | 000,319,216 | ---- | M] (Microsoft Corporation) MD5=4EC411F1AC6C9FB3A96C16D0C500A433 -- C:\Windows\WinSxS\x86_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16384_none_a7d3fe852b10fc16\hal.dll
[2012/10/24 04:12:45 | 000,319,208 | ---- | M] (Microsoft Corporation) MD5=C60854F0334E85F302EE73B6F6F2057A -- C:\Windows\WinSxS\x86_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.20544_none_a888dce6440e2943\hal.dll
[2012/09/20 07:27:25 | 000,319,208 | ---- | M] (Microsoft Corporation) MD5=CFE569DE5CE1328CEB7FD8C1334C21D0 -- C:\Windows\WinSxS\x86_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16420_none_a810decb2ae3ec3b\hal.dll

< MD5 for: SCECLI.DLL >
[2012/07/26 04:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\System32\scecli.dll
[2012/07/26 04:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\WinSxS\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_34b8ee3caa8233d3\scecli.dll

< MD5 for: SERVICES.EXE >
[2012/09/20 06:56:25 | 000,332,800 | ---- | M] (Microsoft Corporation) MD5=3E918B8C816F4CBBC7C74196590BF53E -- C:\Windows\WinSxS\x86_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.20521_none_3c8b4eaae6f9ad7c\services.exe
[2012/07/26 05:17:18 | 000,333,312 | ---- | M] (Microsoft Corporation) MD5=575FB4211BB07DB7D2179B1B05FE7EFD -- C:\Windows\WinSxS\x86_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16384_none_3bc3d14fce0a0436\services.exe
[2012/09/20 06:55:24 | 000,332,800 | ---- | M] (Microsoft Corporation) MD5=6528BAACA25356FE226904DD36C82BA7 -- C:\Windows\System32\services.exe
[2012/09/20 06:55:24 | 000,332,800 | ---- | M] (Microsoft Corporation) MD5=6528BAACA25356FE226904DD36C82BA7 -- C:\Windows\WinSxS\x86_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16420_none_3c00b195cddcf45b\services.exe

< MD5 for: SVCHOST.EXE >
[2012/07/26 04:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=0A175AF8B65797BD22C11903A8BFEB2D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_b2666581d6b482a6\svchost.exe
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2012/09/20 06:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\System32\svchost.exe
[2012/09/20 06:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_b2a345c7d68772cb\svchost.exe
[2012/09/20 06:56:27 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=EEF5E64822C3E21B186EA53463BE92DA -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_b32de2dcefa42bec\svchost.exe

< MD5 for: TCPIP.SYS >
[2013/02/02 08:40:27 | 001,817,320 | ---- | M] (Microsoft Corporation) MD5=3344A919FAB7DE013710581F9C003495 -- C:\Windows\WinSxS\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20623_none_b0929e0850baded2\tcpip.sys
[2013/02/02 10:19:59 | 001,817,320 | ---- | M] (Microsoft Corporation) MD5=491D7A3E2EC6696CE78321FD5B54E8B7 -- C:\Windows\System32\Drivers\tcpip.sys
[2013/02/02 10:19:59 | 001,817,320 | ---- | M] (Microsoft Corporation) MD5=491D7A3E2EC6696CE78321FD5B54E8B7 -- C:\Windows\WinSxS\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16518_none_b018d29b3790a1ca\tcpip.sys
[2012/09/20 07:43:20 | 001,817,320 | ---- | M] (Microsoft Corporation) MD5=5308B8C3C89E8FD1074BB321231D8425 -- C:\Windows\WinSxS\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16420_none_b005fe79379ff5dc\tcpip.sys
[2013/01/31 01:57:02 | 001,817,320 | ---- | M] (Microsoft Corporation) MD5=782487FF4D63470A4307216D02ECED68 -- C:\Windows\WinSxS\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20621_none_b0909d7450bcac24\tcpip.sys
[2012/09/20 08:33:39 | 001,817,320 | ---- | M] (Microsoft Corporation) MD5=AF092DE4F1B40BE3DF2E87F79848D6AB -- C:\Windows\WinSxS\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20521_none_b0909b8e50bcaefd\tcpip.sys
[2013/01/31 02:54:34 | 001,817,320 | ---- | M] (Microsoft Corporation) MD5=DA9D8FD38190C66E747D13B7F5E1945A -- C:\Windows\WinSxS\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16516_none_b016d20737926f1c\tcpip.sys
[2012/07/26 05:17:16 | 001,817,328 | ---- | M] (Microsoft Corporation) MD5=FF19CA1C64458F4E0F4F0FAEA22313C2 -- C:\Windows\WinSxS\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16384_none_afc91e3337cd05b7\tcpip.sys

< MD5 for: USERINIT.EXE >
[2012/07/26 04:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\System32\userinit.exe
[2012/07/26 04:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2012/10/11 06:08:28 | 000,411,648 | ---- | M] (Microsoft Corporation) MD5=87DA6ACA9AF2F536C68471787D1B3F4A -- C:\Windows\System32\winlogon.exe
[2012/10/11 06:08:28 | 000,411,648 | ---- | M] (Microsoft Corporation) MD5=87DA6ACA9AF2F536C68471787D1B3F4A -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_6ca31e2fa63098d1\winlogon.exe
[2012/10/11 06:13:23 | 000,411,648 | ---- | M] (Microsoft Corporation) MD5=9EA55D5CAC625110BD1E9E36F7EACB3B -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20534_none_6d2dbb44bf4d51f2\winlogon.exe
[2012/09/20 06:56:29 | 000,411,648 | ---- | M] (Microsoft Corporation) MD5=B5104C92CED439A9AFD97B9289D586EC -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20521_none_6d358a52bf47e9fc\winlogon.exe
[2012/07/26 04:21:01 | 000,411,648 | ---- | M] (Microsoft Corporation) MD5=C06BA1F360CEF6AB51F41B3D0D5FE92D -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_6c6e0cf7a65840b6\winlogon.exe
[2012/09/20 06:55:28 | 000,411,648 | ---- | M] (Microsoft Corporation) MD5=D75035A24FF8D5A489366C685030DB4C -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16420_none_6caaed3da62b30db\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\Panther\*.tmp files -> C:\WINDOWS\Panther\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[4 C:\WINDOWS\Temp\_avast_\*.tmp files -> C:\WINDOWS\Temp\_avast_\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/10/26 11:58:24 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Adobe
[2013/02/28 14:02:18 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Corel
[2013/03/14 09:53:50 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\dvdcss
[2012/10/26 17:48:51 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\HP
[2013/03/01 13:25:12 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\HpUpdate
[2012/10/27 17:34:14 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Identities
[2012/10/26 11:49:34 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Macromedia
[2013/03/17 15:24:45 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Malwarebytes
[2012/11/17 18:14:28 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\MetaQuotes
[2013/02/28 13:57:04 | 000,000,000 | --SD | M] -- C:\Users\Petr\AppData\Roaming\Microsoft
[2012/11/06 09:30:30 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Mozilla
[2012/11/25 14:04:46 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Ulead Systems
[2013/03/15 16:22:32 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\vlc
[2012/10/30 19:15:48 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2013/01/07 09:28:27 | 000,309,832 | ---- | M] (MetaQuotes Software Corp.) -- C:\Users\Petr\AppData\Roaming\MetaQuotes\MetaTrader 4 Terminal\878A0E18704B666D48FF170C56C0DF13\liveupdate.exe
[2012/11/19 13:57:20 | 000,004,334 | R--- | M] () -- C:\Users\Petr\AppData\Roaming\Microsoft\Installer\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}\_39ff3685.exe
[2012/11/19 13:57:20 | 000,004,334 | R--- | M] () -- C:\Users\Petr\AppData\Roaming\Microsoft\Installer\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}\_4b212431.exe
[2012/11/19 13:57:20 | 000,004,334 | R--- | M] () -- C:\Users\Petr\AppData\Roaming\Microsoft\Installer\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}\_60b71bcc.exe
[2012/11/19 13:57:20 | 000,004,334 | R--- | M] () -- C:\Users\Petr\AppData\Roaming\Microsoft\Installer\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}\_7406546d.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2013/02/08 15:31:24 | 000,000,916 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2934117812-3594515507-1608410286-1001Core1ce0608f89457b6.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013/03/18 11:30:29 | 000,147,800 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2013/03/18 11:30:29 | 000,132,416 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2013/03/18 11:30:29 | 000,726,246 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2013/03/18 11:30:29 | 000,710,046 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2013/03/18 11:30:29 | 001,714,430 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012/10/26 16:14:29 | 000,136,176 | ---- | M] (Google Inc.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012/10/24 18:49:10 | 000,917,984 | ---- | M] (Mozilla Corporation) MD5=E60E9D5F229CB8DA347D48ADD6E8DC47 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013/02/05 06:23:07 | 000,770,544 | ---- | M] (Microsoft Corporation) MD5=DEAE808A574CF9FC667D6939387FC1CE -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/03/18 17:21:31 | 000,000,512 | ---- | M] () MD5=12A7FE4AB8410269A5EDE1754416A566 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012/02/27 21:36:42 | 000,092,827 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X6\Custom Data\Bumpmap\Cracks.cpt
[2012/02/27 21:36:42 | 000,017,870 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X6\Custom Data\Canvas\cracks2c.bmp
[2005/12/10 00:12:11 | 000,018,350 | ---- | M] () -- \Program Files\Vitware\Dictionary\SndBank\crack.am.wav
[2013/03/03 15:41:08 | 000,001,197 | ---- | M] () -- \ProgramData\MGS\cache\c\crackerjack1.a8040f4e64fd6b965ca1deaf58776a8c.inf
[2013/03/03 15:41:08 | 000,001,197 | ---- | M] () -- \Users\All Users\MGS\cache\c\crackerjack1.a8040f4e64fd6b965ca1deaf58776a8c.inf
[2013/03/03 15:41:08 | 000,001,197 | ---- | M] () -- \Windows.old\Users\All Users\MGS\cache\c\crackerjack1.a8040f4e64fd6b965ca1deaf58776a8c.inf

< *keygen* /s >
[2013/02/28 14:05:47 | 000,000,752 | ---- | M] () -- \Users\Petr\AppData\Roaming\Microsoft\Windows\Recent\CorelDRAW-X5-CZ+Keygen+CZ-návod-jak-správně-instalovat!!!.lnk
[2013/02/28 14:36:09 | 000,031,100 | ---- | M] () -- \Windows\Prefetch\KEYGEN.EXE-61C8F9E8.pf

< *loader* /s >
[2012/07/26 01:39:41 | 000,589,312 | ---- | M] () -- \ESD\Windows\sources\upgloader.dll
[2012/07/26 07:35:47 | 000,022,016 | ---- | M] () -- \ESD\Windows\sources\cs-cz\upgloader.dll.mui
[2006/10/26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2008/07/30 10:06:58 | 000,072,192 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader80.dll
[2008/07/29 03:43:16 | 000,004,096 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader80.tlb
[2009/01/04 19:53:08 | 000,002,945 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X5\accLoader.ini
[2012/01/19 05:47:30 | 000,166,768 | ---- | M] () -- \Program Files\Corel\Corel VideoStudio Pro X5\VimeoUploader.dll
[2012/02/28 04:53:38 | 000,013,216 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X6\Programs\ReflectionLoader.dll
[2011/04/29 11:27:44 | 000,145,082 | ---- | M] () -- \Program Files\HP\Digital Imaging\HelpViewer\Resources\Loader.gif
[2011/10/12 15:04:18 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.391.0\apps\facebook\7.1.391\js\downloader.js
[2011/10/12 15:04:18 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.391.0\apps\facebooklike\7.1.391\js\downloader.js
[2011/10/12 15:04:18 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.391.0\apps\fbsharedservices\7.1.391\js\downloader.js
[2011/10/12 15:04:18 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.391.0\apps\featured\7.1.391\js\downloader.js
[2011/10/12 15:04:18 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.391.0\apps\games\7.1.391\js\shared\downloader.js
[2011/10/12 15:04:18 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.391.0\apps\chat\7.1.391\js\downloader.js
[2011/10/12 15:04:18 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.391.0\scripts\io\downloader.js
[2012/07/26 09:11:31 | 000,039,485 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Bing_1.2.0.137_x86__8wekyb3d8bbwe\shell\js\backgroundImageLoader.js
[2012/10/27 16:13:51 | 000,032,157 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Bing_1.5.1.251_x86__8wekyb3d8bbwe\shell\js\backgroundImageLoader.js
[2012/07/26 09:10:06 | 000,002,809 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\DependencyLoader\DependencyLoader.js
[2012/07/26 09:10:07 | 000,001,583 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellComposeDependencyLoader.js
[2012/07/26 09:10:07 | 000,001,711 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellReadDependencyLoader.js
[2012/07/26 09:10:07 | 000,002,509 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellShareAnythingControlDependencyLoader.js
[2012/07/26 09:10:09 | 000,002,394 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\ModernPeople\appframe\BackgroundLoader.js
[2012/07/26 09:10:09 | 000,005,028 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\ModernShareAnything\ShareDataLoader.js
[2012/10/27 16:25:06 | 000,002,501 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x86__8wekyb3d8bbwe\DependencyLoader\DependencyLoader.js
[2012/10/27 16:25:19 | 000,001,561 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x86__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellComposeDependencyLoader.js
[2012/10/27 16:25:19 | 000,001,208 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x86__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellReadDependencyLoader.js
[2012/10/27 16:25:19 | 000,002,847 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x86__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellShareAnythingControlDependencyLoader.js
[2012/10/27 16:25:23 | 000,001,813 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x86__8wekyb3d8bbwe\ModernPeople\appframe\BackgroundLoader.js
[2012/07/26 09:10:09 | 000,005,028 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x86__8wekyb3d8bbwe\ModernShareAnything\ShareDataLoader.js
[2012/10/27 16:25:06 | 000,002,501 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x86__8wekyb3d8bbwe\DependencyLoader\DependencyLoader.js
[2012/10/27 16:25:19 | 000,001,561 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x86__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellComposeDependencyLoader.js
[2012/10/27 16:25:19 | 000,001,208 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x86__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellReadDependencyLoader.js
[2012/10/27 16:25:19 | 000,002,847 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x86__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellShareAnythingControlDependencyLoader.js
[2012/10/27 16:25:23 | 000,001,813 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x86__8wekyb3d8bbwe\ModernPeople\appframe\BackgroundLoader.js
[2012/07/26 09:10:09 | 000,005,028 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x86__8wekyb3d8bbwe\ModernShareAnything\ShareDataLoader.js
[2012/07/26 09:11:26 | 000,049,108 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_1.0.927.0_x86__8wekyb3d8bbwe\Framework\imageLoader.js
[2012/07/26 09:10:50 | 000,049,108 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneMusic_1.0.927.0_x86__8wekyb3d8bbwe\Framework\imageLoader.js
[2012/11/18 15:09:33 | 000,055,562 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneMusic_1.1.139.0_x86__8wekyb3d8bbwe\Framework\imageLoader.js
[2012/11/18 15:09:33 | 000,055,562 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneMusic_1.1.144.0_x86__8wekyb3d8bbwe\Framework\imageLoader.js
[2012/07/26 09:10:57 | 000,049,108 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.0.927.0_x86__8wekyb3d8bbwe\Framework\imageLoader.js
[2012/10/27 16:14:26 | 000,054,797 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.1.134.0_x86__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/03/03 15:41:40 | 000,021,364 | ---- | M] () -- \ProgramData\MGS\cache\i\icon_reloader.f2cfe662226abfd8c32674e726165f47.png
[2013/03/03 15:41:42 | 000,003,916 | ---- | M] () -- \ProgramData\MGS\cache\i\icon_reloader_sml.0d2837f460a0b8a35cf50dda6fae7d7e.png
[2013/03/03 15:41:33 | 000,004,554 | ---- | M] () -- \ProgramData\MGS\cache\l\lobby_loader.6f978e858297c4628fa6d767f5f57512.inf
[2013/03/03 15:41:33 | 000,000,424 | ---- | M] () -- \ProgramData\MGS\cache\l\lobby_loader.aa37a7aedcb3569a6ae8cb03167869da.inf
[2013/03/03 15:41:40 | 000,021,364 | ---- | M] () -- \Users\All Users\MGS\cache\i\icon_reloader.f2cfe662226abfd8c32674e726165f47.png
[2013/03/03 15:41:42 | 000,003,916 | ---- | M] () -- \Users\All Users\MGS\cache\i\icon_reloader_sml.0d2837f460a0b8a35cf50dda6fae7d7e.png
[2013/03/03 15:41:33 | 000,004,554 | ---- | M] () -- \Users\All Users\MGS\cache\l\lobby_loader.6f978e858297c4628fa6d767f5f57512.inf
[2013/03/03 15:41:33 | 000,000,424 | ---- | M] () -- \Users\All Users\MGS\cache\l\lobby_loader.aa37a7aedcb3569a6ae8cb03167869da.inf
[2013/02/28 16:44:47 | 000,001,314 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\NCdownloader.exe.log
[2013/03/14 08:55:33 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0HIL3Z3V\ajax-preloader-bg[1].gif
[2012/12/13 14:57:22 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bgCA284KTE.gif
[2013/02/28 16:22:00 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bgCA3DBAFE.gif
[2012/12/12 13:25:40 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bgCA3W99WD.gif
[2012/12/04 09:22:31 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bgCA4Y58FV.gif
[2012/12/04 09:22:16 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bgCA5BEU09.gif
[2012/12/17 13:28:26 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bgCA6FVJQX.gif
[2012/12/11 14:29:52 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bgCA73HUQ2.gif
[2012/12/13 14:57:57 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bgCAAYKE89.gif
[2012/12/18 16:59:55 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bgCACR9FVZ.gif
[2012/12/17 13:28:12 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bgCAE5R8XK.gif
[2012/12/04 09:44:02 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bgCAGDWCD3.gif
[2012/12/13 14:57:05 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bgCAI20ZA3.gif
[2012/12/07 09:00:13 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bgCAMTD84O.gif
[2012/12/04 09:53:32 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bgCAZ92Q2N.gif
[2012/12/02 13:59:35 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bg[10].gif
[2012/12/02 14:04:15 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bg[11].gif
[2012/11/23 10:15:24 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bg[1].gif
[2012/11/23 10:16:10 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bg[2].gif
[2012/11/23 10:20:14 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bg[3].gif
[2012/11/25 18:24:00 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bg[4].gif
[2012/11/26 17:38:28 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bg[5].gif
[2012/11/27 17:54:19 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bg[6].gif
[2012/11/29 11:19:14 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bg[7].gif
[2012/11/30 09:30:20 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bg[8].gif
[2012/11/30 16:13:15 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ajax-preloader-bg[9].gif
[2013/02/28 15:17:20 | 001,740,699 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0M3XPMEA\ncdownloader[1].exe
[2013/03/14 08:20:14 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3YT7FE14\ajax-preloader-bg[1].gif
[2013/03/08 09:34:55 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8RH9ODIB\ajax-preloader-bgCAJD33AJ.gif
[2012/11/21 09:46:08 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8RH9ODIB\ajax-preloader-bgCAV3BIB0.gif
[2012/11/20 10:28:25 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8RH9ODIB\ajax-preloader-bg[10].gif
[2012/11/20 17:31:34 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8RH9ODIB\ajax-preloader-bg[11].gif
[2012/11/06 12:47:01 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8RH9ODIB\ajax-preloader-bg[1].gif
[2012/11/06 12:51:04 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8RH9ODIB\ajax-preloader-bg[2].gif
[2012/11/06 15:02:12 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8RH9ODIB\ajax-preloader-bg[3].gif
[2012/11/08 17:47:24 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8RH9ODIB\ajax-preloader-bg[4].gif
[2012/11/12 14:22:54 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8RH9ODIB\ajax-preloader-bg[5].gif
[2012/11/13 14:28:00 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8RH9ODIB\ajax-preloader-bg[6].gif
[2012/11/16 12:42:43 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8RH9ODIB\ajax-preloader-bg[7].gif
[2012/11/16 12:45:58 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8RH9ODIB\ajax-preloader-bg[8].gif
[2012/11/20 10:23:21 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8RH9ODIB\ajax-preloader-bg[9].gif
[2012/11/12 14:29:41 | 000,000,000 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8RH9ODIB\condflashloader[1].js
[2012/11/12 20:55:45 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bgCA6KDZV4.gif
[2013/02/28 16:21:39 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bgCA6L3NLE.gif
[2012/11/12 14:29:26 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bgCA9UEVKJ.gif
[2012/11/15 10:32:53 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bgCAA82S7T.gif
[2012/11/14 15:50:59 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bgCAG7KPAM.gif
[2013/03/05 14:44:44 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bgCAGL36MU.gif
[2012/11/20 10:03:33 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bgCAPH54OR.gif
[2012/11/14 15:51:18 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bgCAR67VTB.gif
[2013/02/26 08:35:42 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bgCAZMZZMR.gif
[2012/11/09 09:00:41 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bg[10].gif
[2012/11/12 10:31:56 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bg[11].gif
[2012/11/06 12:48:48 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bg[1].gif
[2012/11/06 12:51:49 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bg[2].gif
[2012/11/06 13:14:46 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bg[3].gif
[2012/11/06 13:27:58 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bg[4].gif
[2012/11/06 15:03:04 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bg[5].gif
[2012/11/08 09:06:29 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bg[6].gif
[2012/11/08 09:07:35 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bg[7].gif
[2012/11/08 17:46:45 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bg[8].gif
[2012/11/09 08:59:53 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\ajax-preloader-bg[9].gif
[2012/11/12 10:35:36 | 000,000,967 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1OSLL1K\loader-small[1].gif
[2013/02/13 14:35:07 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZIX3SEZ\ajax-preloader-bgCA51970J.gif
[2013/03/11 09:30:14 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZIX3SEZ\ajax-preloader-bgCA82E10V.gif
[2013/02/25 15:47:50 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZIX3SEZ\ajax-preloader-bgCA8OQMCT.gif
[2013/02/15 10:12:52 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZIX3SEZ\ajax-preloader-bgCAC7NCTG.gif
[2013/02/19 10:45:47 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZIX3SEZ\ajax-preloader-bgCASW492J.gif
[2013/03/07 10:53:32 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZIX3SEZ\ajax-preloader-bgCAUDFFXM.gif
[2013/02/22 19:04:21 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZIX3SEZ\ajax-preloader-bgCAZ41T27.gif
[2013/02/10 15:40:15 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZIX3SEZ\ajax-preloader-bg[10].gif
[2013/02/10 15:46:01 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZIX3SEZ\ajax-preloader-bg[11].gif
[2012/12/28 15:48:07 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZIX3SEZ\ajax-preloader-bg[1].gif
[2012/12/28 15:48:54 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZIX3SEZ\ajax-preloader-bg[2].gif
[2013/01/02 09:20:57 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZIX3SEZ\ajax-preloader-bg[3].gif
[2013/01/02 10:39:58 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZIX3SEZ\ajax-preloader-bg[4].gif
[2013/01/04 09:00:10 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZIX3SEZ\ajax-preloader-bg[5].gif
[2013/01/10 10:28:59 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZIX3SEZ\ajax-preloader-bg[6].gif
[2013/01/10 18:27:34 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZIX3SEZ\ajax-preloader-bg[7].gif
[2013/01/11 09:57:49 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZIX3SEZ\ajax-preloader-bg[8].gif
[2013/01/13 12:53:59 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZIX3SEZ\ajax-preloader-bg[9].gif
[2012/12/11 15:01:23 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bgCA0UR7FC.gif
[2012/12/17 14:52:55 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bgCA28OA3T.gif
[2012/12/14 17:13:29 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bgCA539YYC.gif
[2012/12/07 09:00:33 | 000,000,000 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bgCACIPCT9.gif
[2012/12/17 14:53:49 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bgCADF60TI.gif
[2013/03/13 08:40:13 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bgCAEO0E8Z.gif
[2013/03/07 10:41:19 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bgCAF58DV8.gif
[2012/12/10 15:53:35 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bgCAGXWKO5.gif
[2012/12/03 11:18:31 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bgCAN6DRH7.gif
[2012/12/04 09:31:21 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bgCAOQAITE.gif
[2012/12/05 08:42:38 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bgCAV86HBG.gif
[2012/12/03 11:18:54 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bgCAXKJDAQ.gif
[2012/11/30 16:08:32 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bg[10].gif
[2012/12/02 14:06:45 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bg[11].gif
[2012/11/22 12:24:36 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bg[1].gif
[2012/11/22 12:24:51 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bg[2].gif
[2012/11/24 18:05:49 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bg[3].gif
[2012/11/28 09:27:59 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bg[4].gif
[2012/11/28 10:01:44 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bg[5].gif
[2012/11/30 09:16:48 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bg[6].gif
[2012/11/30 10:09:19 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bg[7].gif
[2012/11/30 16:06:12 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bg[8].gif
[2012/11/30 16:08:17 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFG5WIKJ\ajax-preloader-bg[9].gif
[2012/12/04 09:54:12 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bgCAA8TE3D.gif
[2012/12/12 13:35:31 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bgCAB8NEEY.gif
[2012/12/10 13:11:16 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bgCABP0EBZ.gif
[2012/12/18 17:11:44 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bgCAC4ZX6V.gif
[2012/12/17 13:29:39 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bgCAF6F9SL.gif
[2012/12/04 09:38:39 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bgCAK0O1GD.gif
[2012/12/04 10:03:36 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bgCALSW5N2.gif
[2012/12/04 09:54:00 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bgCAV2NJTH.gif
[2012/12/10 16:16:51 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bgCAYSVYJJ.gif
[2012/11/30 10:09:34 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bg[10].gif
[2012/12/02 13:59:51 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bg[11].gif
[2012/11/22 16:27:46 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bg[1].gif
[2012/11/24 18:06:06 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bg[2].gif
[2012/11/25 18:24:15 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bg[3].gif
[2012/11/26 13:09:51 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bg[4].gif
[2012/11/26 13:10:16 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bg[5].gif
[2012/11/28 09:27:32 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bg[6].gif
[2012/11/29 09:22:01 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bg[7].gif
[2012/11/29 09:22:41 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bg[8].gif
[2012/11/30 09:16:08 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKC596YH\ajax-preloader-bg[9].gif
[2012/11/29 09:19:59 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J0FNUSJX\ajax-preloader-bg[1].gif
[2012/11/29 16:49:34 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J0FNUSJX\ajax-preloader-bg[2].gif
[2012/11/30 09:15:54 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J0FNUSJX\ajax-preloader-bg[3].gif
[2012/12/05 08:42:18 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J0FNUSJX\ajax-preloader-bg[4].gif
[2012/12/12 08:41:45 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J0FNUSJX\ajax-preloader-bg[5].gif
[2012/12/12 13:25:55 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J0FNUSJX\ajax-preloader-bg[6].gif
[2013/03/07 10:42:18 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J0FNUSJX\ajax-preloader-bg[7].gif
[2013/02/26 08:37:53 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bgCA05LP3G.gif
[2013/02/18 10:21:13 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bgCA1N0VFL.gif
[2013/02/10 15:44:00 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bgCA5MSVSF.gif
[2013/02/12 17:21:33 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bgCA5XYGKF.gif
[2013/02/28 16:22:30 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bgCA7J0020.gif
[2013/02/11 14:29:48 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bgCAA2CWFP.gif
[2013/02/18 10:05:21 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bgCAA9SE9W.gif
[2013/02/19 17:43:45 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bgCAF022F9.gif
[2013/02/18 08:57:42 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bgCAKMQHE1.gif
[2013/02/19 20:44:29 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bgCALE86NY.gif
[2013/02/09 09:19:36 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bgCAW6U892.gif
[2013/02/13 14:34:41 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bgCAYAO6L7.gif
[2013/01/11 09:58:12 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bg[10].gif
[2013/02/09 09:19:15 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bg[11].gif
[2012/12/28 10:20:03 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bg[1].gif
[2013/01/01 18:50:22 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bg[2].gif
[2013/01/01 20:05:36 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bg[3].gif
[2013/01/04 09:00:27 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bg[4].gif
[2013/01/04 09:11:24 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bg[5].gif
[2013/01/04 09:39:17 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bg[6].gif
[2013/01/08 15:59:53 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bg[7].gif
[2013/01/09 13:54:52 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bg[8].gif
[2013/01/10 10:29:15 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\ajax-preloader-bg[9].gif
[2013/02/11 16:18:41 | 000,021,925 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8K889GO\universaldownloader-prefetch[1].htm
[2013/03/13 08:40:49 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JIP3YOQ2\ajax-preloader-bg[1].gif
[2013/01/13 12:53:21 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bgCA06YQ7H.gif
[2013/01/10 11:42:25 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bgCA20QM4T.gif
[2013/02/19 10:45:18 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bgCA3EBVA2.gif
[2013/01/13 12:46:25 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bgCA6EM6LT.gif
[2013/02/13 08:20:07 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bgCAD0L8CB.gif
[2013/01/10 11:40:12 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bgCAEYQTVL.gif
[2013/02/12 17:02:13 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bgCAGSN18E.gif
[2013/02/22 19:04:03 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bgCAH0SLRC.gif
[2013/01/10 11:42:04 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bgCAH68FI5.gif
[2013/02/13 08:21:21 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bgCALC50WB.gif
[2013/02/18 10:04:59 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bgCALU3S3U.gif
[2013/02/19 17:36:47 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bgCAMO14BS.gif
[2013/03/11 09:29:54 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bgCAO50M41.gif
[2013/01/10 18:27:20 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bgCAOGRTRM.gif
[2013/01/11 09:58:46 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bgCASX7HS2.gif
[2013/01/11 09:57:24 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bgCAVBXKF5.gif
[2013/01/04 09:38:11 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bg[10].gif
[2013/01/10 10:28:56 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bg[11].gif
[2012/12/27 16:27:15 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bg[1].gif
[2012/12/28 10:19:01 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bg[2].gif
[2012/12/28 10:19:16 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bg[3].gif
[2012/12/28 15:48:57 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bg[4].gif
[2013/01/02 09:20:38 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bg[5].gif
[2013/01/02 09:47:29 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bg[6].gif
[2013/01/02 09:48:05 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bg[7].gif
[2013/01/03 18:06:30 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bg[8].gif
[2013/01/03 18:06:54 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\ajax-preloader-bg[9].gif
[2013/03/03 15:41:06 | 000,003,229 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\loader[1].gif
[2013/03/03 15:41:03 | 000,010,439 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\Loader[1].swf
[2013/03/03 15:56:24 | 000,003,179 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5S2FS8F\loader[2].gif
[2012/11/08 18:01:09 | 000,001,924 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\ajax-loader[1].gif
[2012/11/21 13:50:51 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\ajax-preloader-bgCA02ZPT9.gif
[2012/11/21 09:45:51 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\ajax-preloader-bgCAEQNCLE.gif
[2013/03/13 08:39:50 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\ajax-preloader-bgCAND4MUS.gif
[2013/03/07 10:53:15 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\ajax-preloader-bgCAPW3ZU7.gif
[2013/02/26 17:01:19 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\ajax-preloader-bgCASZB6ZV.gif
[2013/03/07 10:43:06 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\ajax-preloader-bgCAUL0023.gif
[2012/11/14 15:47:30 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\ajax-preloader-bg[10].gif
[2012/11/19 20:02:40 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\ajax-preloader-bg[11].gif
[2012/11/06 17:41:29 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\ajax-preloader-bg[1].gif
[2012/11/08 09:06:04 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\ajax-preloader-bg[2].gif
[2012/11/08 18:08:10 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\ajax-preloader-bg[3].gif
[2012/11/09 11:50:29 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\ajax-preloader-bg[4].gif
[2012/11/12 10:34:18 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\ajax-preloader-bg[5].gif
[2012/11/12 14:22:03 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\ajax-preloader-bg[6].gif
[2012/11/12 14:40:20 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\ajax-preloader-bg[7].gif
[2012/11/12 20:54:00 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\ajax-preloader-bg[8].gif
[2012/11/13 11:25:53 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\ajax-preloader-bg[9].gif
[2012/11/12 14:29:42 | 000,000,000 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\condflashloader[1]
[2012/11/12 10:35:36 | 000,004,781 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\loader-anim[1].png
[2012/11/12 10:35:36 | 000,000,081 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\loader-bg[1].png
[2012/10/30 19:11:56 | 000,022,453 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQNQJS2G\universaldownloader-prefetch[1].htm
[2013/02/25 15:48:13 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bgCA7JB3LZ.gif
[2013/02/26 16:58:02 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bgCA7ML6VC.gif
[2013/01/13 13:34:48 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bgCAAW5LVX.gif
[2013/02/12 17:02:34 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bgCACR509S.gif
[2013/02/18 08:57:18 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bgCAPA93AX.gif
[2013/02/21 09:17:04 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bgCAV220N7.gif
[2013/02/19 17:37:31 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bgCAXURQPE.gif
[2013/02/10 15:39:48 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bgCAZQQGTF.gif
[2013/01/11 09:57:24 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bg[10].gif
[2013/01/11 09:57:49 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bg[11].gif
[2012/12/19 09:44:58 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bg[1].gif
[2012/12/27 16:26:53 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bg[2].gif
[2012/12/28 15:48:24 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bg[3].gif
[2013/01/01 18:50:09 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bg[4].gif
[2013/01/04 09:40:56 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bg[5].gif
[2013/01/09 13:54:29 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bg[6].gif
[2013/01/09 13:54:33 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bg[7].gif
[2013/01/10 11:40:11 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bg[8].gif
[2013/01/10 18:27:17 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\ajax-preloader-bg[9].gif
[2013/03/03 15:41:09 | 000,008,787 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU8RKHA3\loader[1].gif
[2012/11/13 14:28:58 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bgCA3OLH2Y.gif
[2012/11/15 10:33:16 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bgCA5V01PH.gif
[2012/12/18 17:11:59 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bgCA68M03V.gif
[2012/11/13 14:39:20 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bgCABVUGLC.gif
[2013/02/26 17:00:43 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bgCAC748AH.gif
[2012/11/20 10:03:14 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bgCADOKQVJ.gif
[2012/11/20 17:30:49 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bgCAO5ZXN5.gif
[2012/11/20 10:06:39 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bgCAPP8A9G.gif
[2012/11/19 20:02:14 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bgCASB74DB.gif
[2012/11/12 14:46:57 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bg[10].gif
[2012/11/12 19:02:48 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bg[11].gif
[2012/11/06 13:13:32 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bg[1].gif
[2012/11/06 15:04:44 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bg[2].gif
[2012/11/06 15:59:01 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bg[3].gif
[2012/11/06 15:59:26 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bg[4].gif
[2012/11/06 16:13:25 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bg[5].gif
[2012/11/09 08:59:28 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bg[6].gif
[2012/11/09 09:46:09 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bg[7].gif
[2012/11/09 09:46:26 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bg[8].gif
[2012/11/10 17:38:35 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\ajax-preloader-bg[9].gif
[2012/11/12 10:35:36 | 000,009,461 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XA68I7IT\loader[1].gif
[2013/03/14 08:19:02 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YI7OX7AA\ajax-preloader-bg[1].gif
[2012/11/01 11:31:40 | 000,001,924 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1SIU6O4P\ajax-loader[1].gif
[2012/11/06 08:59:27 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1SIU6O4P\ajax-preloader-bg[10].gif
[2012/11/06 10:55:55 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1SIU6O4P\ajax-preloader-bg[11].gif
[2012/10/29 17:47:21 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1SIU6O4P\ajax-preloader-bg[1].gif
[2012/10/29 17:47:35 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1SIU6O4P\ajax-preloader-bg[2].gif
[2012/10/30 18:13:37 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1SIU6O4P\ajax-preloader-bg[3].gif
[2012/10/31 11:06:56 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1SIU6O4P\ajax-preloader-bg[4].gif
[2012/10/31 11:07:44 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1SIU6O4P\ajax-preloader-bg[5].gif
[2012/11/01 11:06:28 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1SIU6O4P\ajax-preloader-bg[6].gif
[2012/11/01 11:10:45 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1SIU6O4P\ajax-preloader-bg[7].gif
[2012/11/01 11:11:29 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1SIU6O4P\ajax-preloader-bg[8].gif
[2012/11/01 12:22:10 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1SIU6O4P\ajax-preloader-bg[9].gif
[2012/11/01 11:24:45 | 000,000,000 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1SIU6O4P\condflashloader[1]
[2012/11/05 11:41:36 | 000,009,461 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1SIU6O4P\loader[1].gif
[2012/11/06 12:38:32 | 000,000,694 | ---- | M] () -- \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2D8WZOEH\ajax-preloader-bgCA1HR6K2.gif
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“