Logfile of random's system information tool 1.08 (written by random/random)
Run by Zdenda at 2013-03-19 21:21:21
Microsoft Windows 7 Ultimate
System drive C: has 332 GB (66%) free of 500 GB
Total RAM: 4095 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:22:07, on 19.3.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
D:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe
C:\Program Files (x86)\Mumble\mumble.exe
C:\Program Files (x86)\Mumble\dbus-daemon.exe
C:\Windows\SysWOW64\DllHost.exe
D:\Games\World_of_Tanks\WOTLauncher.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Program Files\trend micro\Zdenda.exe
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchab.com/?aff=7&uid=74f818f8 ... 242157054f
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: Zoomex - {031B4C0E-E357-91ED-FFFB-B328A08F972E} - C:\ProgramData\Zoomex\51002736c099f.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll
O2 - BHO: DownTango Launcher - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: DownTango Launcher - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O9 - Extra button: (no name) - {5f7f7e76-0f61-4de9-8ae6-e5ee565cd118} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
O20 - AppInit_DLLs: c:\progra~2\zoomex\sprote~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RadeonPro Support Service - Mr. John aka japamd - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12495 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
C:\Windows\Explorer.EXE
taskeng.exe {DEA14030-77F0-4BD3-8FD4-FA754BC334E6}
taskeng.exe {B5910C80-E4C1-4BA4-A5AA-772479103A88}
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe /schedule /profile "C:\ProgramData\Premium\ZoomEx\profile.ini"
"C:\Program Files (x86)\Protected Search\ProtectedSearch.exe"
C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
"C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:2448
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-56e3ca18-9d75-4f4c-bd83-3c089993d93f -SystemEventPortName:HostProcess-d90376b0-f60e-4ee2-b455-d1e2cf7a3bca -IoCancelEventPortName:HostProcess-7943fc18-efe9-4e05-a54d-7ccee01b25ef -NonStateChangingEventPortName:HostProcess-9f080d78-9542-476a-ab23-1a8d4e96bc9c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2723f789-05e1-4309-bd8d-583c464cb319
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"D:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
"C:\ProgramData\Premium\ZoomEx\ZoomEx.exe" /profile "C:\ProgramData\Premium\ZoomEx\profile.ini"
"C:\Program Files (x86)\Mumble\mumble.exe"
"C:\Program Files (x86)\Mumble\dbus-daemon.exe" --session
\??\C:\Windows\system32\conhost.exe "-1143549870159481848-199094169218963543551478169434-1997406699-12832788781955304820
C:\Windows\SysWOW64\DllHost.exe /Processid:{3F6B5E16-092A-41ED-930B-0B4125D91D4E}
"D:\Games\World_of_Tanks\WOTLauncher.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\ProgramData\Premium\ZoomEx\ZoomEx.exe" /profile "C:\ProgramData\Premium\ZoomEx\profile.ini"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\ProgramData\Premium\ZoomEx\ZoomEx.exe" /profile "C:\ProgramData\Premium\ZoomEx\profile.ini"
"C:\Users\Zdenda\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=604.fd3a400.1183697641 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 604 "\\.\pipe\gecko-crash-server-pipe.604" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --proxy-stub-channel=Flash2180.695C63D8.3106 --host-broker-channel=Flash2180.695C63D8.5216 --host-pid=2180 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --channel=7728.0032F314.1503416066 --proxy-stub-channel=Flash2180.695C63D8.3106 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3594471807-556225314-2353248353-10002_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3594471807-556225314-2353248353-10002 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\ProgramData\Premium\ZoomEx\ZoomEx.exe" /profile "C:\ProgramData\Premium\ZoomEx\profile.ini"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AmiUpdXp.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ZoomExUpdaterTask{B41D989F-F197-4DE5-A5EB-5963A0D22A5C}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{031B4C0E-E357-91ED-FFFB-B328A08F972E}]
Zoomex - C:\ProgramData\Zoomex\51002736c099f.dll [2013-01-23 120832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9}]
Toolbar BHO - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll [2013-01-13 707728]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8d3ec233-b92d-4187-a506-284127cfba2d}]
DownTango Launcher - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll [2012-10-30 1030728]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b}]
Search Assistant BHO - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll [2013-01-13 62864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06 1308504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8d3ec233-b92d-4187-a506-284127cfba2d} - DownTango Launcher - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll [2012-10-30 1030728]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06 1308504]
{48586425-6bb7-4f51-8dc6-38c88e3ebb58} - VideoDownloadConverter - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll [2013-01-13 707728]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2012-03-20 1056320]
{95B7759C-8C7F-4BF1-B163-73684A933233}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-12-13 13263072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-03-05 507984]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
"VideoDownloadConverter Search Scope Monitor"=C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe [2013-01-13 42536]
"VideoDownloadConverter_4z Browser Plugin Loader"=C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe [2013-01-13 30096]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2013-03-05 1564368]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-16 641704]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2013-03-13 1151152]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-03-16 19:11:10 ----D---- C:\Program Files (x86)\Portrait Professional 11 Trial
2013-03-14 15:25:07 ----D---- C:\Users\Zdenda\AppData\Roaming\VampireSaga
2013-03-13 16:05:27 ----A---- C:\Windows\system32\TURegOpt.exe
2013-03-13 16:05:26 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2013-03-13 16:05:26 ----A---- C:\Windows\system32\authuitu.dll
2013-03-13 16:05:10 ----D---- C:\ProgramData\AVG Secure Search
2013-03-13 16:04:53 ----A---- C:\Windows\system32\drivers\avgtpx64.sys
2013-03-13 16:04:47 ----D---- C:\Program Files (x86)\AVG Secure Search
2013-03-13 16:03:35 ----D---- C:\Program Files (x86)\TuneUp Utilities 2013
2013-03-13 16:03:01 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-03-13 16:02:03 ----D---- C:\ProgramData\AmUStor
2013-03-13 16:02:03 ----D---- C:\Program Files (x86)\AmIcoSingLun
2013-03-13 16:00:50 ----A---- C:\Windows\SYSWOW64\drivers\VMHybrid.sys
2013-03-13 16:00:50 ----A---- C:\Windows\SYSWOW64\drivers\VMHybr64.sys
2013-03-13 16:00:27 ----D---- C:\Users\Zdenda\AppData\Roaming\ATI
2013-03-13 16:00:27 ----D---- C:\ProgramData\ATI
2013-03-13 16:00:20 ----D---- C:\Program Files (x86)\AMD AVT
2013-03-13 16:00:16 ----D---- C:\Program Files (x86)\AMD APP
2013-03-13 16:00:10 ----D---- C:\Program Files\Common Files\ATI Technologies
2013-03-13 15:59:03 ----A---- C:\Windows\system32\RTNUninst64.dll
2013-03-13 15:59:03 ----A---- C:\Windows\system32\RtNicProp64.dll
2013-03-13 15:59:03 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2013-03-13 15:58:31 ----D---- C:\ProgramData\AMD
2013-03-13 15:58:27 ----A---- C:\Windows\system32\drivers\amdiox64.sys
2013-03-13 15:58:20 ----D---- C:\Program Files (x86)\ATI Technologies
2013-03-13 15:54:50 ----D---- C:\Windows\SYSWOW64\RTCOM
2013-03-13 15:54:26 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\WavesGUILib64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tosade.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tepeqapo64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tadefxapo264.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tadefxapo.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSWOW64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSTSX64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSTSH64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSHP64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFSS_APO.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFNHK64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFCOM64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFAPO64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtPgEx64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkCfg64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkAPO64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkApi64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEEP64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEEL64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEEG64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEED64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTCOM64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RP3DHT64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RP3DAA64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RCoInstII64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEP64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEL64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEG64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EED64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEA64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\KAAPORT64.dll
2013-03-13 15:54:24 ----D---- C:\Program Files (x86)\Realtek
2013-03-13 15:54:24 ----A---- C:\Windows\system32\FMAPO64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\AERTAR64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\AERTAC64.dll
2013-03-13 15:54:22 ----A---- C:\Windows\RtlExUpd.dll
2013-03-13 15:53:43 ----D---- C:\Program Files\Realtek
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RtkHDM64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEEP64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEEL64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEEG64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEED64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RHDMEx64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RHCoInst64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RH3DHT64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\drivers\RtHDMIVX.sys
2013-03-13 15:53:38 ----A---- C:\Windows\system32\RH3DAA64.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEP64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEL64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEG64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EED64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEA64H.dll
2013-03-13 15:53:37 ----HD---- C:\Program Files (x86)\Temp
2013-03-13 15:51:58 ----DC---- C:\Windows\system32\DRVSTORE
2013-03-13 15:51:58 ----A---- C:\Windows\system32\drivers\usbfilter.sys
2013-03-13 15:51:44 ----D---- C:\Program Files\ATI Technologies
2013-03-13 15:51:40 ----D---- C:\Program Files\ATI
2013-03-13 15:47:46 ----D---- C:\ProgramData\DriverGenius
2013-03-13 15:45:51 ----D---- C:\Program Files (x86)\Driver-Soft
2013-03-10 21:38:45 ----A---- C:\Windows\SYSWOW64\drivers\Vcs.sys
2013-03-08 09:28:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-03-07 19:57:22 ----D---- C:\Program Files\CCleaner
2013-03-07 19:55:04 ----D---- C:\Program Files\trend micro
2013-03-07 19:55:03 ----D---- C:\rsit
2013-03-07 19:54:34 ----D---- C:\Program Files (x86)\Google
2013-03-07 11:54:22 ----D---- C:\Users\Zdenda\AppData\Roaming\The Curse of the Werewolves
2013-03-06 20:26:53 ----D---- C:\Program Files (x86)\VideoLAN
2013-03-06 20:18:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-05 19:11:07 ----D---- C:\Users\Zdenda\AppData\Roaming\ICQ Search
2013-03-05 19:11:07 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2013-03-05 19:11:04 ----D---- C:\Program Files (x86)\Guard-ICQ
2013-03-05 19:11:02 ----D---- C:\ProgramData\ICQ
2013-03-05 19:08:03 ----D---- C:\Users\Zdenda\AppData\Roaming\BitTorrent
2013-03-05 18:59:57 ----D---- C:\ProgramData\PMB Files
2013-03-05 18:59:51 ----D---- C:\Program Files (x86)\Pando Networks
2013-03-05 12:33:31 ----D---- C:\Users\Zdenda\AppData\Roaming\AlawarEntertainment
2013-03-02 12:40:20 ----D---- C:\Windows\Minidump
======List of files/folders modified in the last 1 months======
2013-03-19 21:22:00 ----D---- C:\Windows\Temp
2013-03-19 21:21:14 ----D---- C:\Windows\Prefetch
2013-03-19 21:19:51 ----D---- C:\Users\Zdenda\AppData\Roaming\Mumble
2013-03-19 21:19:10 ----D---- C:\Users\Zdenda\AppData\Roaming\Skype
2013-03-19 21:18:28 ----D---- C:\Windows\inf
2013-03-19 21:18:00 ----D---- C:\Windows
2013-03-19 20:55:39 ----D---- C:\Windows\SoftwareDistribution
2013-03-19 13:11:30 ----D---- C:\Windows\system32\config
2013-03-19 12:52:04 ----D---- C:\Windows\System32
2013-03-19 12:52:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-17 09:22:47 ----D---- C:\ProgramData\AlawarWrapper
2013-03-16 19:11:10 ----RD---- C:\Program Files (x86)
2013-03-14 23:07:11 ----D---- C:\Program Files (x86)\DaemonicMU Season V
2013-03-14 15:56:04 ----D---- C:\Windows\system32\Tasks
2013-03-13 17:58:32 ----D---- C:\Program Files (x86)\Hry.cz
2013-03-13 16:23:47 ----D---- C:\Windows\SysWOW64
2013-03-13 16:07:11 ----SHD---- C:\System Volume Information
2013-03-13 16:05:32 ----SHD---- C:\Windows\Installer
2013-03-13 16:05:10 ----HD---- C:\ProgramData
2013-03-13 16:04:53 ----D---- C:\Windows\system32\drivers
2013-03-13 16:04:48 ----D---- C:\Program Files (x86)\Common Files
2013-03-13 16:02:11 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-13 16:02:06 ----D---- C:\Windows\system32\DriverStore
2013-03-13 16:02:06 ----D---- C:\Windows\system32\catroot
2013-03-13 16:00:50 ----D---- C:\Windows\SYSWOW64\drivers
2013-03-13 16:00:10 ----D---- C:\Program Files\Common Files
2013-03-13 15:58:11 ----D---- C:\Windows\system32\catroot2
2013-03-13 15:53:43 ----RD---- C:\Program Files
2013-03-12 15:40:15 ----SD---- C:\Users\Zdenda\AppData\Roaming\Microsoft
2013-03-08 15:16:12 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-07 20:00:08 ----D---- C:\Users\Zdenda\AppData\Roaming\Ventrilo
2013-03-07 20:00:08 ----D---- C:\Users\Zdenda\AppData\Roaming\DAEMON Tools Lite
2013-03-07 19:59:51 ----D---- C:\Windows\Panther
2013-03-07 19:59:46 ----D---- C:\Windows\Logs
2013-03-07 19:59:46 ----D---- C:\Windows\debug
2013-03-07 19:55:11 ----D---- C:\Windows\Tasks
2013-03-05 22:15:20 ----D---- C:\Users\Zdenda\AppData\Roaming\TS3Client
2013-03-05 20:22:08 ----D---- C:\ProgramData\Adobe
2013-03-05 19:11:12 ----D---- C:\ProgramData\Zoomex
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-03-13 39768]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-23 283200]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R3 3xHybr64;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybr64.sys [2007-04-20 873216]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 359936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-12-26 3269088]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2012-06-05 237968]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-12-27 805088]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-09-19 11880]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
S2 Vcs;Vcs support; \??\C:\Windows\system32\Drivers\Vcs.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
S3 netr28ux;Belkin USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2008-10-29 811008]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 238080]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-16 361984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2013-03-05 1564368]
R2 ICQ Service;ICQ Service; C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE [2012-03-20 247872]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-01-23 76888]
R2 RadeonPro Support Service;RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [2013-01-08 20608]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-09-19 2365792]
R2 VideoDownloadConverter_4zService;VideoDownloadConverterService; C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe [2013-01-13 42504]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-03-13 968880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-07 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-07 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
dost se mi to spomalilo
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: dost se mi to spomalilo
Zdravim.
Muzete mi rict, proc jste se na to zde http://forum.viry.cz/viewtopic.php?f=30&t=128626 vybodnul?
Muzete mi rict, proc jste se na to zde http://forum.viry.cz/viewtopic.php?f=30&t=128626 vybodnul?
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
zdeny.m
- Návštěvník
- Příspěvky: 74
- Registrován: 29 lis 2004 18:54
- Bydliště: Holýšov
- Kontaktovat uživatele:
Re: dost se mi to spomalilo
to sem resil pres tuneUP a rychlost se zlepsila pak sem tu od te doby nebyl
Re: dost se mi to spomalilo
Mohl jste dat aspon vedet 
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
zdeny.m
- Návštěvník
- Příspěvky: 74
- Registrován: 29 lis 2004 18:54
- Bydliště: Holýšov
- Kontaktovat uživatele:
Re: dost se mi to spomalilo
OTL Extras logfile created on: 19.3.2013 21:57:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zdenda\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,44 Gb Available Physical Memory | 60,98% Memory free
8,00 Gb Paging File | 6,03 Gb Available in Paging File | 75,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 488,18 Gb Total Space | 324,54 Gb Free Space | 66,48% Space Free | Partition Type: NTFS
Drive D: | 443,23 Gb Total Space | 303,30 Gb Free Space | 68,43% Space Free | Partition Type: NTFS
Drive F: | 6,32 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: ZDENDAPC | User Name: Zdenda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07FCF56A-165A-41B2-89B9-0C8A0B50443C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{13DE6543-95A8-4A3B-8EC8-F511FDC35996}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{15FA93E1-1190-40BD-B5A0-72C02F2601C2}" = lport=58122 | protocol=6 | dir=in | name=pando media booster |
"{163466CD-E364-4D25-AE65-29EC3CB8D9C2}" = lport=139 | protocol=6 | dir=in | app=system |
"{26444677-F743-4292-BE70-E1A72CCE823E}" = lport=58333 | protocol=6 | dir=in | name=pando media booster |
"{382D105A-B9A4-456E-AA56-505F5E1E6209}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{38D458E6-0B0A-4646-99B5-6A6EFE1AA076}" = lport=58659 | protocol=17 | dir=in | name=pando media booster |
"{3FA09ADA-7E13-4695-8A48-894966A6FADD}" = lport=58659 | protocol=6 | dir=in | name=pando media booster |
"{42BCEAE1-25B2-4A0F-ABA0-3B97BE9C6731}" = rport=137 | protocol=17 | dir=out | app=system |
"{4ACB8F12-33F4-4D96-92B6-BB316CCDC9EC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{50D010C8-B723-46C7-97C3-59E87C1FC525}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6A4B64BB-4DE5-46BF-B34D-53F1AD94DEC2}" = lport=137 | protocol=17 | dir=in | app=system |
"{6F6A4870-75A9-4805-B9BA-61E1A4AA247C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{741EBD09-0F3F-4A29-9392-8FF77012662B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{79C31176-23FE-4A63-97CF-32AE9CC6C132}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{80A88229-BC88-4759-B516-FFAA47809DE3}" = lport=58333 | protocol=17 | dir=in | name=pando media booster |
"{88159994-B6D6-4B72-9392-6422C0F7A5F5}" = lport=58333 | protocol=17 | dir=in | name=pando media booster |
"{A1948603-FD21-45D0-BC00-8D16F217B4AF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A5C46E1F-59D5-490A-97A3-EC6971AE7E48}" = lport=445 | protocol=6 | dir=in | app=system |
"{A8E82B0D-DE6E-4087-A9AD-6892D27F5457}" = lport=58659 | protocol=6 | dir=in | name=pando media booster |
"{AF60A550-B92E-41F4-85FC-EC872EA82728}" = rport=445 | protocol=6 | dir=out | app=system |
"{B4582237-871F-4F6C-9E7E-1A22CB72040E}" = lport=58333 | protocol=6 | dir=in | name=pando media booster |
"{C9D9E32F-0049-4F23-B51C-257DE404D865}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CA6758FA-4E4F-41C4-9936-B2D8E4522950}" = lport=58122 | protocol=17 | dir=in | name=pando media booster |
"{D012E5F5-113D-493B-BB0D-A4179D6F3B3D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D01919F3-086C-49E3-B2B7-B2AF84B2C4D2}" = rport=138 | protocol=17 | dir=out | app=system |
"{D0394A46-92DC-4074-A743-4FECB773C81B}" = lport=138 | protocol=17 | dir=in | app=system |
"{DA2A6A0B-2479-40DA-8169-9820BBC789BE}" = lport=58122 | protocol=17 | dir=in | name=pando media booster |
"{DBE37817-A993-4E17-8003-38FDAE925576}" = rport=139 | protocol=6 | dir=out | app=system |
"{DD753069-7DE3-4B47-9C1A-1D5422DF709C}" = lport=58122 | protocol=6 | dir=in | name=pando media booster |
"{DF040F62-6A1A-4842-8BF8-94A665F66A47}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E0040CF7-D37A-430A-8C23-F6ED2CC3DC91}" = lport=10243 | protocol=6 | dir=in | app=system |
"{FDDC1AAC-6B8B-47EC-9F2A-139759743EA0}" = lport=58659 | protocol=17 | dir=in | name=pando media booster |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02666C84-E05A-43F1-8DB2-ABA59D1C2B69}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1F327DFB-5945-48E4-842C-7000408DD168}" = protocol=17 | dir=in | app=d:\program files (x86)\world of warcraft\launcher.exe |
"{213F8970-B07D-477E-94B5-5FE89BFBCA84}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{2199F28D-BCDF-4377-ADEE-831B7523273D}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{23710047-0874-4907-BF02-46E91B22570B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{28B5DDE7-7BD8-4209-8A7F-D1193ED63369}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{2E83FCC7-19F9-47ED-B33F-6F5C2979B645}" = protocol=6 | dir=in | app=c:\users\zdenda\appdata\roaming\bittorrent\bittorrent.exe |
"{39FCFFE6-41F4-48D3-9B38-0885C13F376C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{3B076889-F60D-4333-9275-C78EEA5DE4BE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{3BDDE202-C295-40EB-A703-D0680C84BC2B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3D61FBD3-D118-4463-9BDC-E8560A9A2462}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3D666DC2-5A4A-42E3-9487-73B16117D8F6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{451AF0DC-8524-42B5-A55F-53CEB329BF1D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{474A5266-A5A0-4D56-BD94-4295A2794C53}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{54FBC874-91AF-4250-BCF3-C42C9A27509D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6006E68D-E63D-46CB-8296-E49970E6B017}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{660550BC-F76E-48B6-9EBD-F82E94470CFF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6A87612F-9EAA-49E0-92DF-344495373232}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6DFE77BF-C35E-4DD6-ABB7-63C43D8485D2}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{6F6D19AE-7C95-4432-9A09-DB2A17990362}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{721BE7CA-7A3F-4336-B70A-ACCE8012E44B}" = protocol=6 | dir=in | app=d:\program files (x86)\world of warcraft\launcher.exe |
"{7FCE890F-AC8D-4FB2-AFD1-0AE6E7216663}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{81F01CF4-47E8-4EEE-93B6-B65B7DAC92CC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{83D3ECF0-8B22-4C09-80D5-6275B42A0DDB}" = protocol=6 | dir=out | app=system |
"{88FB9FBD-AFCD-4CCC-8734-FF8EAF2C785F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8B6FFF22-66DD-4E8E-B0E5-C1AABEEFEC6D}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{8BBD2A9E-8F27-4D71-A8D6-D237BC70205E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8E4FEB46-EC23-4CB2-BFFF-9DF6F18B0E41}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{9B942760-A976-4E1B-8187-DD9D09B47B2E}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9E1299F0-8D6B-478F-A06A-5D7DDBE254C1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{A1B3380C-C9F6-4B37-9414-5277DFE55F15}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AB36255E-3824-47F4-BC5A-F3BA5F88DD77}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{AD144883-4F69-45BA-86C5-28B8D197F0E1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AFB4B429-C86F-4114-9D58-0BC23EC7867E}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B92A8D43-CD72-4D29-BC13-C503A2E1B212}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{BCB49C8D-E433-48D6-9BE0-F12EA514B0B0}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{C1D9BB24-E0EA-49CB-B55A-F43B0EF9ECF6}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{C6C4866A-F595-441E-B073-A2430F26B126}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D4C9BCD5-B18F-433E-8F50-7CCBEA4FECBC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DA343405-8FFD-4AF4-99FA-254BD6842B93}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DB2C9C04-3248-4607-BF9D-AB671E95A9E5}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{DE034285-8C3D-490D-A525-913223BA774C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E376D13A-9A73-43CA-ADA7-349C408CB79F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{E4D6D68D-CE67-49C0-8482-E63A7D819F40}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{ED35BF35-5F07-4A80-8AE8-3E043673623D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F4348436-1739-40D0-BD76-E72F5CF51374}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F8BCB254-8B91-4404-BB1A-F3C19FA7174E}" = protocol=17 | dir=in | app=c:\users\zdenda\appdata\roaming\bittorrent\bittorrent.exe |
"{FD22997C-3BD5-4F62-8089-A75F4C06F7F7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FF5569E9-8005-4CC1-8287-D45BA9C83701}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{14D7B34A-C57E-4814-9713-9820B688EE56}D:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{33CB4D0F-B490-48A3-BCD6-6725115F768D}D:\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=d:\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{560CB08C-6761-440D-98C0-67AF51756A25}D:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{94FA5929-3957-4A50-B609-230A5F0E7505}D:\program files (x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=d:\program files (x86)\tera\tera-launcher.exe |
"TCP Query User{BBFA61E9-8ED5-4EDF-95F9-B1F599B30C97}C:\users\public\games\cryptic studios\star trek online\live\gameclient.exe" = protocol=6 | dir=in | app=c:\users\public\games\cryptic studios\star trek online\live\gameclient.exe |
"TCP Query User{EAE50375-C852-4624-86AD-FDC8225621CC}D:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=d:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{0F7D0C98-8197-40A0-BA45-E730C54E509E}D:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=d:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{3A9942E8-8627-4110-B1D4-F29FAB5FF659}D:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=d:\program files (x86)\tera\tera-launcher.exe |
"UDP Query User{3DAD0B9C-0A7E-460A-B22F-C603CA578F4C}D:\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=d:\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{72DBB88D-0FE5-4129-AF6C-4FF40B023719}D:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{77E0E94F-D1A8-4F30-B102-B80C9CA80D7E}C:\users\public\games\cryptic studios\star trek online\live\gameclient.exe" = protocol=17 | dir=in | app=c:\users\public\games\cryptic studios\star trek online\live\gameclient.exe |
"UDP Query User{A426C9E0-60F1-4975-9434-80C6F83EDC6D}D:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F6306D6-FB66-10D2-D474-5ADE4D57EE6B}" = AMD Fuel
"{1F85668C-CEB7-7A2E-356C-C42F950A982C}" = AMD Accelerated Video Transcoding
"{4161341F-AE84-E404-4291-4E0322CCE809}" = AMD Media Foundation Decoders
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1" = GamePark klient 2.0.9.0
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7C995548-E4F2-423C-A0D7-ACD0A77A77BE}" = ZoomEx
"{7FD0FD0D-AC40-A3BF-F2D4-54EFEDB0008F}" = AMD Drag and Drop Transcoding
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{AB58402A-43DE-551C-2B40-DD1CF0E21240}" = ccc-utility64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DFEFBFBF-02CF-3316-B694-B3C44C9C02B9}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Windows Movie Maker" = Windows Movie Maker
"WinRAR archiver" = WinRAR 4.20 (64-bit)
"ZoomEx" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1" = MiniTool Partition Wizard Home Edition 7.6.1
"{09907A60-5843-4E83-A471-3102A42231B8}_is1" = SD Card Recovery
"{0B03071A-C96E-34CA-E5A3-4D8DA8ACCB3D}" = CCC Help Polish
"{107c7af4-bcdb-4ba2-87d1-3cb1f7190dba}_is1" = DownTango Launcher 1.6
"{1472627A-6E9F-DCB1-8894-E2BD249FD5E4}" = CCC Help Thai
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1A2C316B-F842-6FB3-3C87-6FE02861F396}" = AMD VISION Engine Control Center
"{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}" = OpenOffice.org 3.4.1
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{218BE476-B206-2879-B912-971E6E89E44D}" = CCC Help Finnish
"{2DFFE333-1B60-4CAA-F836-3CF0C99777CA}" = CCC Help Norwegian
"{364374D2-FE10-2170-2397-5B01F9D00093}" = CCC Help Spanish
"{40786C7F-7078-5147-444E-D45DE808B684}" = CCC Help Portuguese
"{41E340F0-0BD6-4A87-AF29-E9E584471756}" = VideoMate T, M, P, S Series Driver
"{43D3EA3E-2B72-57F3-40E0-318A614D0FDD}" = CCC Help Czech
"{4B55E0A8-07F5-4966-9B7B-D32C8ADC0FF4}" = Samsung Converter
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{4F7823C4-BB28-A63E-CE08-1B463D4682DE}" = CCC Help Dutch
"{53820F89-063F-10D7-7457-06C201F4CBF0}" =
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{547ADD84-7D19-4EC0-B709-092F997ACA8C}_is1" = DaemonicMU Season V 1.40
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D7B8E2C-4356-619D-134F-FB36B0809958}" = CCC Help German
"{6F173E00-2766-E174-C2E0-AD88F24685BD}" = CCC Help Swedish
"{6FAEC41D-0654-12C1-0068-770D19FC2446}" = CCC Help Italian
"{73D239CC-D6B1-ADEC-A7BE-E100C7112004}" = CCC Help Korean
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{86D6A20D-3910-4441-A3E5-EB6977251C86}" = Samsung USB Driver
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8D3D92F0-852F-D832-FD8B-029C8C231C13}" = CCC Help Russian
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{963FFEAB-16E5-EB69-4E64-338B3D319FB4}" = CCC Help Chinese Standard
"{96E2E493-C484-43E3-9B95-D62EE7D40D3A}" = Toolbar 4.7 by SweetPacks
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F7E9D7B-3291-96CE-A27F-DD4F6EB230EA}" = CCC Help Chinese Traditional
"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7
"{A2S166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{A6FDE264-C48D-36CE-CFA7-ABBEB861AC10}" = Catalyst Control Center Localization All
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}" = Samsung Master
"{B31A9284-632D-683E-3BD0-F6926D445A7B}" = CCC Help Danish
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7A75523-3D7F-CF23-12F7-999EAF6C7167}" = CCC Help Japanese
"{B97A0C89-29C0-4682-902C-364109A9857C}" = Belkin F6D4050 Enhanced Wireless USB Adapter
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C821D689-95BE-0D60-255E-D9B89CB3019F}" = Catalyst Control Center Graphics Previews Common
"{CE1458AA-23A7-332D-68D9-86B799898DA6}" = CCC Help Greek
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{E0655E94-1D4D-8484-64C6-E6F847B7BE92}" = CCC Help Turkish
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E555950B-1496-C37C-CA2C-2DF8745A5BE9}" = CCC Help English
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{EE229D0E-3D9E-636C-6E75-9436A87C7E49}" = CCC Help French
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3ED01FE-B62F-4CA4-BACA-822369BC0FB7}" = TuneUp Utilities Language Pack (en-GB)
"{F536CCF1-C4C1-5FB9-6B17-F883DFFAE569}" = CCC Help Hungarian
"{FD1C729D-EDD3-4142-8980-7EA36F19D500}" = Alcor Micro USB Card Reader
"{Serif Standa}_is1" = Šerif Standa 1.5
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AmUStor" = Alcor Micro USB Card Reader
"AVG Secure Search" = AVG Security Toolbar
"BitTorrent" = BitTorrent
"DAEMON Tools Lite" = DAEMON Tools Lite
"Driver Genius_is1" = Driver Genius
"Dům 1000 dveří: Dlaň Zarathustry. Sběratelská edice" = Dům 1000 dveří: Dlaň Zarathustry. Sběratelská edice
"GameParkClient_is1" = GamePark
"Google Chrome" = Google Chrome
"Guard.Mail.ru" = Guard.ICQ
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"ICQToolbar" = ICQ Toolbar
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{B97A0C89-29C0-4682-902C-364109A9857C}" = Belkin F6D4050 Enhanced Wireless USB Adapter
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 19.0.2 (x86 cs)" = Mozilla Firefox 19.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mumble" = Mumble and Murmur
"Princezna Isabela: Prokletí Čarodějnice" = Princezna Isabela: Prokletí Čarodějnice
"Prokletí vlkodlaků" = Prokletí vlkodlaků
"Protected Search_is1" = Protected Search 1.1
"RadeonPro_is1" = RadeonPro 1.0 (Build 1.1.1.0)
"SP_5dec30d7" =
"Star Trek Online" = Star Trek Online
"SweetIM Bundle by SweetPacks" = SweetIM Bundle by SweetPacks
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"Vampire Saga: Pandořina skříňka" = Vampire Saga: Pandořina skříňka
"VDC_is1" = Video Download Converter version 1.0.0.0
"VideoDownloadConverter_4zbar Uninstall" = VideoDownloadConverter Toolbar
"VLC media player" = VLC media player 2.0.5
"World of Warcraft" = World of Warcraft
"Živoucí Legendy: Ledová Růže Sběratelská Edice" = Živoucí Legendy: Ledová Růže Sběratelská Edice
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12.3.2013 17:01:18 | Computer Name = ZdendaPC | Source = ZoomExUpdater | ID = 0
Description =
Error - 12.3.2013 17:01:22 | Computer Name = ZdendaPC | Source = ZoomExUpdater | ID = 0
Description =
Error - 12.3.2013 17:02:18 | Computer Name = ZdendaPC | Source = ZoomExUpdater | ID = 0
Description =
Error - 12.3.2013 17:02:22 | Computer Name = ZdendaPC | Source = ZoomExUpdater | ID = 0
Description =
Error - 13.3.2013 11:07:21 | Computer Name = ZdendaPC | Source = Application Hang | ID = 1002
Description = Program Integrator.exe verze 13.0.2020.9 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: ec4 Čas spuštění: 01ce1ffc5ba96615 Čas ukončení: 0 Cesta k aplikaci: C:\Program
Files (x86)\TuneUp Utilities 2013\Integrator.exe ID hlášení:
Error - 14.3.2013 10:01:20 | Computer Name = ZdendaPC | Source = Application Hang | ID = 1002
Description = Program Skype.exe verze 6.1.0.129 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
8ac Čas spuštění: 01ce20b8bf16e7c6 Čas ukončení: 0 Cesta k aplikaci: C:\Program Files
(x86)\Skype\Phone\Skype.exe ID hlášení:
Error - 14.3.2013 15:56:34 | Computer Name = ZdendaPC | Source = Application Error | ID = 1000
Error - 15.3.2013 17:06:06 | Computer Name = ZdendaPC | Source = Application Error
| ID = 1000
Error - 16.3.2013 17:09:21 | Computer Name = ZdendaPC | Source = Application Hang | ID = 1002
Description = Program Skype.exe verze 6.1.0.129 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
900 Čas spuštění: 01ce2257d834b99a Čas ukončení: 8 Cesta k aplikaci: C:\Program Files
(x86)\Skype\Phone\Skype.exe ID hlášení:
Error - 16.3.2013 17:28:18 | Computer Name = ZdendaPC | Source = Application Error | ID = 1000
Error - 16.3.2013 19:01:31 | Computer Name = ZdendaPC | Source = ZoomExUpdater |
ID = 0
Description =
Error - 17.3.2013 16:45:34 | Computer Name = ZdendaPC | Source = Application Error
| ID = 1000
Error - 19.3.2013 6:29:46 | Computer Name = ZdendaPC | Source = ZoomExUpdater | ID = 0
Description =
[ System Events ]
Error - 16.2.2013 7:24:23 | Computer Name = ZdendaPC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 16.2.2013 13:32:06 | Computer Name = ZdendaPC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 16.2.2013 13:32:06 | Computer Name = ZdendaPC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 17.2.2013 4:06:57 | Computer Name = ZdendaPC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 17.2.2013 7:29:50 | Computer Name = ZdendaPC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 17.2.2013 7:29:50 | Computer Name = ZdendaPC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 17.2.2013 7:45:12 | Computer Name = ZdendaPC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 17.2.2013 7:45:12 | Computer Name = ZdendaPC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 17.2.2013 7:46:37 | Computer Name = ZdendaPC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 17.2.2013 7:47:10 | Computer Name = ZdendaPC | Source = atikmdag | ID = 43029
Description = Display is not active
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zdenda\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,44 Gb Available Physical Memory | 60,98% Memory free
8,00 Gb Paging File | 6,03 Gb Available in Paging File | 75,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 488,18 Gb Total Space | 324,54 Gb Free Space | 66,48% Space Free | Partition Type: NTFS
Drive D: | 443,23 Gb Total Space | 303,30 Gb Free Space | 68,43% Space Free | Partition Type: NTFS
Drive F: | 6,32 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: ZDENDAPC | User Name: Zdenda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07FCF56A-165A-41B2-89B9-0C8A0B50443C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{13DE6543-95A8-4A3B-8EC8-F511FDC35996}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{15FA93E1-1190-40BD-B5A0-72C02F2601C2}" = lport=58122 | protocol=6 | dir=in | name=pando media booster |
"{163466CD-E364-4D25-AE65-29EC3CB8D9C2}" = lport=139 | protocol=6 | dir=in | app=system |
"{26444677-F743-4292-BE70-E1A72CCE823E}" = lport=58333 | protocol=6 | dir=in | name=pando media booster |
"{382D105A-B9A4-456E-AA56-505F5E1E6209}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{38D458E6-0B0A-4646-99B5-6A6EFE1AA076}" = lport=58659 | protocol=17 | dir=in | name=pando media booster |
"{3FA09ADA-7E13-4695-8A48-894966A6FADD}" = lport=58659 | protocol=6 | dir=in | name=pando media booster |
"{42BCEAE1-25B2-4A0F-ABA0-3B97BE9C6731}" = rport=137 | protocol=17 | dir=out | app=system |
"{4ACB8F12-33F4-4D96-92B6-BB316CCDC9EC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{50D010C8-B723-46C7-97C3-59E87C1FC525}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6A4B64BB-4DE5-46BF-B34D-53F1AD94DEC2}" = lport=137 | protocol=17 | dir=in | app=system |
"{6F6A4870-75A9-4805-B9BA-61E1A4AA247C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{741EBD09-0F3F-4A29-9392-8FF77012662B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{79C31176-23FE-4A63-97CF-32AE9CC6C132}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{80A88229-BC88-4759-B516-FFAA47809DE3}" = lport=58333 | protocol=17 | dir=in | name=pando media booster |
"{88159994-B6D6-4B72-9392-6422C0F7A5F5}" = lport=58333 | protocol=17 | dir=in | name=pando media booster |
"{A1948603-FD21-45D0-BC00-8D16F217B4AF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A5C46E1F-59D5-490A-97A3-EC6971AE7E48}" = lport=445 | protocol=6 | dir=in | app=system |
"{A8E82B0D-DE6E-4087-A9AD-6892D27F5457}" = lport=58659 | protocol=6 | dir=in | name=pando media booster |
"{AF60A550-B92E-41F4-85FC-EC872EA82728}" = rport=445 | protocol=6 | dir=out | app=system |
"{B4582237-871F-4F6C-9E7E-1A22CB72040E}" = lport=58333 | protocol=6 | dir=in | name=pando media booster |
"{C9D9E32F-0049-4F23-B51C-257DE404D865}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CA6758FA-4E4F-41C4-9936-B2D8E4522950}" = lport=58122 | protocol=17 | dir=in | name=pando media booster |
"{D012E5F5-113D-493B-BB0D-A4179D6F3B3D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D01919F3-086C-49E3-B2B7-B2AF84B2C4D2}" = rport=138 | protocol=17 | dir=out | app=system |
"{D0394A46-92DC-4074-A743-4FECB773C81B}" = lport=138 | protocol=17 | dir=in | app=system |
"{DA2A6A0B-2479-40DA-8169-9820BBC789BE}" = lport=58122 | protocol=17 | dir=in | name=pando media booster |
"{DBE37817-A993-4E17-8003-38FDAE925576}" = rport=139 | protocol=6 | dir=out | app=system |
"{DD753069-7DE3-4B47-9C1A-1D5422DF709C}" = lport=58122 | protocol=6 | dir=in | name=pando media booster |
"{DF040F62-6A1A-4842-8BF8-94A665F66A47}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E0040CF7-D37A-430A-8C23-F6ED2CC3DC91}" = lport=10243 | protocol=6 | dir=in | app=system |
"{FDDC1AAC-6B8B-47EC-9F2A-139759743EA0}" = lport=58659 | protocol=17 | dir=in | name=pando media booster |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02666C84-E05A-43F1-8DB2-ABA59D1C2B69}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1F327DFB-5945-48E4-842C-7000408DD168}" = protocol=17 | dir=in | app=d:\program files (x86)\world of warcraft\launcher.exe |
"{213F8970-B07D-477E-94B5-5FE89BFBCA84}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{2199F28D-BCDF-4377-ADEE-831B7523273D}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{23710047-0874-4907-BF02-46E91B22570B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{28B5DDE7-7BD8-4209-8A7F-D1193ED63369}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{2E83FCC7-19F9-47ED-B33F-6F5C2979B645}" = protocol=6 | dir=in | app=c:\users\zdenda\appdata\roaming\bittorrent\bittorrent.exe |
"{39FCFFE6-41F4-48D3-9B38-0885C13F376C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{3B076889-F60D-4333-9275-C78EEA5DE4BE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{3BDDE202-C295-40EB-A703-D0680C84BC2B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3D61FBD3-D118-4463-9BDC-E8560A9A2462}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3D666DC2-5A4A-42E3-9487-73B16117D8F6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{451AF0DC-8524-42B5-A55F-53CEB329BF1D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{474A5266-A5A0-4D56-BD94-4295A2794C53}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{54FBC874-91AF-4250-BCF3-C42C9A27509D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6006E68D-E63D-46CB-8296-E49970E6B017}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{660550BC-F76E-48B6-9EBD-F82E94470CFF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6A87612F-9EAA-49E0-92DF-344495373232}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6DFE77BF-C35E-4DD6-ABB7-63C43D8485D2}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{6F6D19AE-7C95-4432-9A09-DB2A17990362}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{721BE7CA-7A3F-4336-B70A-ACCE8012E44B}" = protocol=6 | dir=in | app=d:\program files (x86)\world of warcraft\launcher.exe |
"{7FCE890F-AC8D-4FB2-AFD1-0AE6E7216663}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{81F01CF4-47E8-4EEE-93B6-B65B7DAC92CC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{83D3ECF0-8B22-4C09-80D5-6275B42A0DDB}" = protocol=6 | dir=out | app=system |
"{88FB9FBD-AFCD-4CCC-8734-FF8EAF2C785F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8B6FFF22-66DD-4E8E-B0E5-C1AABEEFEC6D}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{8BBD2A9E-8F27-4D71-A8D6-D237BC70205E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8E4FEB46-EC23-4CB2-BFFF-9DF6F18B0E41}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{9B942760-A976-4E1B-8187-DD9D09B47B2E}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9E1299F0-8D6B-478F-A06A-5D7DDBE254C1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{A1B3380C-C9F6-4B37-9414-5277DFE55F15}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AB36255E-3824-47F4-BC5A-F3BA5F88DD77}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{AD144883-4F69-45BA-86C5-28B8D197F0E1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AFB4B429-C86F-4114-9D58-0BC23EC7867E}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B92A8D43-CD72-4D29-BC13-C503A2E1B212}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{BCB49C8D-E433-48D6-9BE0-F12EA514B0B0}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{C1D9BB24-E0EA-49CB-B55A-F43B0EF9ECF6}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{C6C4866A-F595-441E-B073-A2430F26B126}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D4C9BCD5-B18F-433E-8F50-7CCBEA4FECBC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DA343405-8FFD-4AF4-99FA-254BD6842B93}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DB2C9C04-3248-4607-BF9D-AB671E95A9E5}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{DE034285-8C3D-490D-A525-913223BA774C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E376D13A-9A73-43CA-ADA7-349C408CB79F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{E4D6D68D-CE67-49C0-8482-E63A7D819F40}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{ED35BF35-5F07-4A80-8AE8-3E043673623D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F4348436-1739-40D0-BD76-E72F5CF51374}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F8BCB254-8B91-4404-BB1A-F3C19FA7174E}" = protocol=17 | dir=in | app=c:\users\zdenda\appdata\roaming\bittorrent\bittorrent.exe |
"{FD22997C-3BD5-4F62-8089-A75F4C06F7F7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FF5569E9-8005-4CC1-8287-D45BA9C83701}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{14D7B34A-C57E-4814-9713-9820B688EE56}D:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{33CB4D0F-B490-48A3-BCD6-6725115F768D}D:\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=d:\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{560CB08C-6761-440D-98C0-67AF51756A25}D:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{94FA5929-3957-4A50-B609-230A5F0E7505}D:\program files (x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=d:\program files (x86)\tera\tera-launcher.exe |
"TCP Query User{BBFA61E9-8ED5-4EDF-95F9-B1F599B30C97}C:\users\public\games\cryptic studios\star trek online\live\gameclient.exe" = protocol=6 | dir=in | app=c:\users\public\games\cryptic studios\star trek online\live\gameclient.exe |
"TCP Query User{EAE50375-C852-4624-86AD-FDC8225621CC}D:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=d:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{0F7D0C98-8197-40A0-BA45-E730C54E509E}D:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=d:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{3A9942E8-8627-4110-B1D4-F29FAB5FF659}D:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=d:\program files (x86)\tera\tera-launcher.exe |
"UDP Query User{3DAD0B9C-0A7E-460A-B22F-C603CA578F4C}D:\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=d:\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{72DBB88D-0FE5-4129-AF6C-4FF40B023719}D:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{77E0E94F-D1A8-4F30-B102-B80C9CA80D7E}C:\users\public\games\cryptic studios\star trek online\live\gameclient.exe" = protocol=17 | dir=in | app=c:\users\public\games\cryptic studios\star trek online\live\gameclient.exe |
"UDP Query User{A426C9E0-60F1-4975-9434-80C6F83EDC6D}D:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F6306D6-FB66-10D2-D474-5ADE4D57EE6B}" = AMD Fuel
"{1F85668C-CEB7-7A2E-356C-C42F950A982C}" = AMD Accelerated Video Transcoding
"{4161341F-AE84-E404-4291-4E0322CCE809}" = AMD Media Foundation Decoders
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1" = GamePark klient 2.0.9.0
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7C995548-E4F2-423C-A0D7-ACD0A77A77BE}" = ZoomEx
"{7FD0FD0D-AC40-A3BF-F2D4-54EFEDB0008F}" = AMD Drag and Drop Transcoding
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{AB58402A-43DE-551C-2B40-DD1CF0E21240}" = ccc-utility64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DFEFBFBF-02CF-3316-B694-B3C44C9C02B9}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Windows Movie Maker" = Windows Movie Maker
"WinRAR archiver" = WinRAR 4.20 (64-bit)
"ZoomEx" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1" = MiniTool Partition Wizard Home Edition 7.6.1
"{09907A60-5843-4E83-A471-3102A42231B8}_is1" = SD Card Recovery
"{0B03071A-C96E-34CA-E5A3-4D8DA8ACCB3D}" = CCC Help Polish
"{107c7af4-bcdb-4ba2-87d1-3cb1f7190dba}_is1" = DownTango Launcher 1.6
"{1472627A-6E9F-DCB1-8894-E2BD249FD5E4}" = CCC Help Thai
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1A2C316B-F842-6FB3-3C87-6FE02861F396}" = AMD VISION Engine Control Center
"{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}" = OpenOffice.org 3.4.1
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{218BE476-B206-2879-B912-971E6E89E44D}" = CCC Help Finnish
"{2DFFE333-1B60-4CAA-F836-3CF0C99777CA}" = CCC Help Norwegian
"{364374D2-FE10-2170-2397-5B01F9D00093}" = CCC Help Spanish
"{40786C7F-7078-5147-444E-D45DE808B684}" = CCC Help Portuguese
"{41E340F0-0BD6-4A87-AF29-E9E584471756}" = VideoMate T, M, P, S Series Driver
"{43D3EA3E-2B72-57F3-40E0-318A614D0FDD}" = CCC Help Czech
"{4B55E0A8-07F5-4966-9B7B-D32C8ADC0FF4}" = Samsung Converter
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{4F7823C4-BB28-A63E-CE08-1B463D4682DE}" = CCC Help Dutch
"{53820F89-063F-10D7-7457-06C201F4CBF0}" =
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{547ADD84-7D19-4EC0-B709-092F997ACA8C}_is1" = DaemonicMU Season V 1.40
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D7B8E2C-4356-619D-134F-FB36B0809958}" = CCC Help German
"{6F173E00-2766-E174-C2E0-AD88F24685BD}" = CCC Help Swedish
"{6FAEC41D-0654-12C1-0068-770D19FC2446}" = CCC Help Italian
"{73D239CC-D6B1-ADEC-A7BE-E100C7112004}" = CCC Help Korean
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{86D6A20D-3910-4441-A3E5-EB6977251C86}" = Samsung USB Driver
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8D3D92F0-852F-D832-FD8B-029C8C231C13}" = CCC Help Russian
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{963FFEAB-16E5-EB69-4E64-338B3D319FB4}" = CCC Help Chinese Standard
"{96E2E493-C484-43E3-9B95-D62EE7D40D3A}" = Toolbar 4.7 by SweetPacks
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F7E9D7B-3291-96CE-A27F-DD4F6EB230EA}" = CCC Help Chinese Traditional
"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7
"{A2S166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{A6FDE264-C48D-36CE-CFA7-ABBEB861AC10}" = Catalyst Control Center Localization All
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}" = Samsung Master
"{B31A9284-632D-683E-3BD0-F6926D445A7B}" = CCC Help Danish
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7A75523-3D7F-CF23-12F7-999EAF6C7167}" = CCC Help Japanese
"{B97A0C89-29C0-4682-902C-364109A9857C}" = Belkin F6D4050 Enhanced Wireless USB Adapter
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C821D689-95BE-0D60-255E-D9B89CB3019F}" = Catalyst Control Center Graphics Previews Common
"{CE1458AA-23A7-332D-68D9-86B799898DA6}" = CCC Help Greek
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{E0655E94-1D4D-8484-64C6-E6F847B7BE92}" = CCC Help Turkish
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E555950B-1496-C37C-CA2C-2DF8745A5BE9}" = CCC Help English
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{EE229D0E-3D9E-636C-6E75-9436A87C7E49}" = CCC Help French
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3ED01FE-B62F-4CA4-BACA-822369BC0FB7}" = TuneUp Utilities Language Pack (en-GB)
"{F536CCF1-C4C1-5FB9-6B17-F883DFFAE569}" = CCC Help Hungarian
"{FD1C729D-EDD3-4142-8980-7EA36F19D500}" = Alcor Micro USB Card Reader
"{Serif Standa}_is1" = Šerif Standa 1.5
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AmUStor" = Alcor Micro USB Card Reader
"AVG Secure Search" = AVG Security Toolbar
"BitTorrent" = BitTorrent
"DAEMON Tools Lite" = DAEMON Tools Lite
"Driver Genius_is1" = Driver Genius
"Dům 1000 dveří: Dlaň Zarathustry. Sběratelská edice" = Dům 1000 dveří: Dlaň Zarathustry. Sběratelská edice
"GameParkClient_is1" = GamePark
"Google Chrome" = Google Chrome
"Guard.Mail.ru" = Guard.ICQ
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"ICQToolbar" = ICQ Toolbar
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{B97A0C89-29C0-4682-902C-364109A9857C}" = Belkin F6D4050 Enhanced Wireless USB Adapter
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 19.0.2 (x86 cs)" = Mozilla Firefox 19.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mumble" = Mumble and Murmur
"Princezna Isabela: Prokletí Čarodějnice" = Princezna Isabela: Prokletí Čarodějnice
"Prokletí vlkodlaků" = Prokletí vlkodlaků
"Protected Search_is1" = Protected Search 1.1
"RadeonPro_is1" = RadeonPro 1.0 (Build 1.1.1.0)
"SP_5dec30d7" =
"Star Trek Online" = Star Trek Online
"SweetIM Bundle by SweetPacks" = SweetIM Bundle by SweetPacks
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"Vampire Saga: Pandořina skříňka" = Vampire Saga: Pandořina skříňka
"VDC_is1" = Video Download Converter version 1.0.0.0
"VideoDownloadConverter_4zbar Uninstall" = VideoDownloadConverter Toolbar
"VLC media player" = VLC media player 2.0.5
"World of Warcraft" = World of Warcraft
"Živoucí Legendy: Ledová Růže Sběratelská Edice" = Živoucí Legendy: Ledová Růže Sběratelská Edice
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12.3.2013 17:01:18 | Computer Name = ZdendaPC | Source = ZoomExUpdater | ID = 0
Description =
Error - 12.3.2013 17:01:22 | Computer Name = ZdendaPC | Source = ZoomExUpdater | ID = 0
Description =
Error - 12.3.2013 17:02:18 | Computer Name = ZdendaPC | Source = ZoomExUpdater | ID = 0
Description =
Error - 12.3.2013 17:02:22 | Computer Name = ZdendaPC | Source = ZoomExUpdater | ID = 0
Description =
Error - 13.3.2013 11:07:21 | Computer Name = ZdendaPC | Source = Application Hang | ID = 1002
Description = Program Integrator.exe verze 13.0.2020.9 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: ec4 Čas spuštění: 01ce1ffc5ba96615 Čas ukončení: 0 Cesta k aplikaci: C:\Program
Files (x86)\TuneUp Utilities 2013\Integrator.exe ID hlášení:
Error - 14.3.2013 10:01:20 | Computer Name = ZdendaPC | Source = Application Hang | ID = 1002
Description = Program Skype.exe verze 6.1.0.129 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
8ac Čas spuštění: 01ce20b8bf16e7c6 Čas ukončení: 0 Cesta k aplikaci: C:\Program Files
(x86)\Skype\Phone\Skype.exe ID hlášení:
Error - 14.3.2013 15:56:34 | Computer Name = ZdendaPC | Source = Application Error | ID = 1000
Error - 15.3.2013 17:06:06 | Computer Name = ZdendaPC | Source = Application Error
| ID = 1000
Error - 16.3.2013 17:09:21 | Computer Name = ZdendaPC | Source = Application Hang | ID = 1002
Description = Program Skype.exe verze 6.1.0.129 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
900 Čas spuštění: 01ce2257d834b99a Čas ukončení: 8 Cesta k aplikaci: C:\Program Files
(x86)\Skype\Phone\Skype.exe ID hlášení:
Error - 16.3.2013 17:28:18 | Computer Name = ZdendaPC | Source = Application Error | ID = 1000
Error - 16.3.2013 19:01:31 | Computer Name = ZdendaPC | Source = ZoomExUpdater |
ID = 0
Description =
Error - 17.3.2013 16:45:34 | Computer Name = ZdendaPC | Source = Application Error
| ID = 1000
Error - 19.3.2013 6:29:46 | Computer Name = ZdendaPC | Source = ZoomExUpdater | ID = 0
Description =
[ System Events ]
Error - 16.2.2013 7:24:23 | Computer Name = ZdendaPC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 16.2.2013 13:32:06 | Computer Name = ZdendaPC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 16.2.2013 13:32:06 | Computer Name = ZdendaPC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 17.2.2013 4:06:57 | Computer Name = ZdendaPC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 17.2.2013 7:29:50 | Computer Name = ZdendaPC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 17.2.2013 7:29:50 | Computer Name = ZdendaPC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 17.2.2013 7:45:12 | Computer Name = ZdendaPC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 17.2.2013 7:45:12 | Computer Name = ZdendaPC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 17.2.2013 7:46:37 | Computer Name = ZdendaPC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 17.2.2013 7:47:10 | Computer Name = ZdendaPC | Source = atikmdag | ID = 43029
Description = Display is not active
< End of report >
-
zdeny.m
- Návštěvník
- Příspěvky: 74
- Registrován: 29 lis 2004 18:54
- Bydliště: Holýšov
- Kontaktovat uživatele:
Re: dost se mi to spomalilo
OTL logfile created on: 19.3.2013 21:57:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zdenda\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,44 Gb Available Physical Memory | 60,98% Memory free
8,00 Gb Paging File | 6,03 Gb Available in Paging File | 75,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 488,18 Gb Total Space | 324,54 Gb Free Space | 66,48% Space Free | Partition Type: NTFS
Drive D: | 443,23 Gb Total Space | 303,30 Gb Free Space | 68,43% Space Free | Partition Type: NTFS
Drive F: | 6,32 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: ZDENDAPC | User Name: Zdenda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.03.19 21:56:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zdenda\Downloads\OTL.exe
PRC - [2013.03.13 16:06:19 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013.03.13 16:04:08 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2013.03.13 16:04:08 | 000,968,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
PRC - [2013.03.08 09:29:03 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.03.05 19:11:04 | 001,564,368 | ---- | M] () -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
PRC - [2013.02.05 16:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2013.01.31 10:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.01.23 21:13:30 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.01.13 18:08:22 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe
PRC - [2013.01.13 18:08:22 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
PRC - [2013.01.08 09:40:56 | 002,610,896 | ---- | M] (DT Soft Ltd) -- D:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
PRC - [2013.01.08 00:50:44 | 000,020,608 | ---- | M] (Mr. John aka japamd) -- C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
PRC - [2012.12.04 10:39:26 | 000,235,008 | ---- | M] () -- C:\ProgramData\Premium\ZoomEx\ZoomEx.exe
PRC - [2012.10.11 09:43:36 | 000,067,656 | ---- | M] (Simplygen) -- C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
PRC - [2012.10.04 16:34:36 | 000,115,032 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
PRC - [2012.08.15 19:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2012.03.20 11:16:08 | 000,247,872 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.01.07 23:46:14 | 003,193,528 | ---- | M] (Thorvald Natvig) -- C:\Program Files (x86)\Mumble\mumble.exe
PRC - [2009.10.10 15:50:22 | 000,142,008 | ---- | M] () -- C:\Program Files (x86)\Mumble\dbus-daemon.exe
PRC - [2009.07.14 02:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe
========== Modules (No Company Name) ==========
MOD - [2013.03.13 16:06:19 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013.03.13 16:04:08 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2013.03.13 16:04:08 | 000,156,848 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll
MOD - [2013.03.08 09:29:03 | 003,069,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.03.05 19:11:04 | 001,564,368 | ---- | M] () -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
MOD - [2013.01.15 17:51:44 | 001,168,384 | ---- | M] () -- c:\Program Files (x86)\ZoomEx\sprotector.dll
MOD - [2012.12.04 10:39:26 | 000,235,008 | ---- | M] () -- C:\ProgramData\Premium\ZoomEx\ZoomEx.exe
MOD - [2012.09.03 15:58:30 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
MOD - [2012.09.03 15:58:22 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
MOD - [2012.09.03 15:57:58 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012.09.03 15:57:52 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2010.01.07 23:49:54 | 000,014,520 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\bf2142.dll
MOD - [2010.01.07 23:49:54 | 000,014,520 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\bf2.dll
MOD - [2010.01.07 23:49:54 | 000,013,496 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\codmw2.dll
MOD - [2010.01.07 23:49:54 | 000,012,984 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\cod2.dll
MOD - [2010.01.07 23:49:52 | 000,018,104 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\insurgency.dll
MOD - [2010.01.07 23:49:52 | 000,018,104 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\aoc.dll
MOD - [2010.01.07 23:49:52 | 000,014,520 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\bfheroes.dll
MOD - [2010.01.07 23:49:52 | 000,013,496 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\link.dll
MOD - [2010.01.07 23:49:52 | 000,013,496 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\codmw2so.dll
MOD - [2010.01.07 23:49:52 | 000,013,496 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\cod5.dll
MOD - [2010.01.07 23:49:50 | 000,066,232 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\manual.dll
MOD - [2010.01.07 23:49:50 | 000,017,080 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\wow.dll
MOD - [2010.01.07 23:49:50 | 000,015,032 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\lotro.dll
MOD - [2010.01.07 23:49:50 | 000,014,520 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\ut3.dll
MOD - [2010.01.07 23:49:50 | 000,014,520 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\ut2004.dll
MOD - [2010.01.07 23:49:50 | 000,014,520 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\bf1942.dll
MOD - [2010.01.07 23:49:48 | 000,018,104 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\gmod.dll
MOD - [2010.01.07 23:49:48 | 000,018,104 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\dys.dll
MOD - [2010.01.07 23:49:48 | 000,017,592 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\tf2.dll
MOD - [2010.01.07 23:49:48 | 000,015,032 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\etqw.dll
MOD - [2010.01.07 23:49:46 | 000,018,104 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\hl2dm.dll
MOD - [2010.01.07 23:49:46 | 000,018,104 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\dods.dll
MOD - [2010.01.07 23:49:46 | 000,018,104 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\css.dll
MOD - [2010.01.07 23:49:46 | 000,015,032 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\cod4.dll
MOD - [2010.01.07 23:49:46 | 000,014,520 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\l4d.dll
MOD - [2010.01.07 23:49:46 | 000,013,496 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\wolfet.dll
MOD - [2010.01.07 23:46:26 | 002,345,656 | ---- | M] () -- C:\Program Files (x86)\Mumble\speex.sse2.dll
MOD - [2010.01.07 23:46:22 | 000,133,816 | ---- | M] () -- C:\Program Files (x86)\Mumble\mumble_ol.dll
MOD - [2010.01.07 23:46:22 | 000,118,456 | ---- | M] () -- C:\Program Files (x86)\Mumble\celt.0.7.0.sse2.dll
MOD - [2010.01.07 13:48:56 | 002,348,216 | ---- | M] () -- C:\Program Files (x86)\Mumble\libprotobuf.dll
MOD - [2010.01.07 13:48:44 | 000,039,096 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\iconengines\qsvgicon4.dll
MOD - [2010.01.07 13:48:42 | 000,283,832 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qtiff4.dll
MOD - [2010.01.07 13:48:38 | 000,020,664 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qsvg4.dll
MOD - [2010.01.07 13:48:34 | 000,230,072 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qmng4.dll
MOD - [2010.01.07 13:48:32 | 000,128,184 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qjpeg4.dll
MOD - [2010.01.07 13:48:28 | 000,030,392 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qico4.dll
MOD - [2010.01.07 13:48:26 | 000,025,784 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qgif4.dll
MOD - [2010.01.07 13:48:06 | 000,324,792 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtXml4.dll
MOD - [2010.01.07 13:47:56 | 000,264,888 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtSvg4.dll
MOD - [2010.01.07 13:47:52 | 000,640,184 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtSql4.dll
MOD - [2010.01.07 13:47:42 | 000,619,704 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtOpenGL4.dll
MOD - [2010.01.07 13:47:40 | 000,923,320 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtNetwork4.dll
MOD - [2010.01.07 13:47:30 | 007,660,728 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtGui4.dll
MOD - [2010.01.07 13:47:18 | 000,358,584 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtDBus4.dll
MOD - [2010.01.07 13:47:16 | 002,109,624 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtCore4.dll
MOD - [2009.12.14 06:33:12 | 001,758,720 | ---- | M] () -- C:\Program Files (x86)\Mumble\libsndfile-1.dll
MOD - [2009.11.05 21:12:32 | 002,359,296 | ---- | M] () -- C:\Program Files (x86)\Mumble\libmysql.dll
MOD - [2009.10.10 15:50:22 | 000,142,008 | ---- | M] () -- C:\Program Files (x86)\Mumble\dbus-daemon.exe
MOD - [2009.10.10 15:50:20 | 000,560,312 | ---- | M] () -- C:\Program Files (x86)\Mumble\dbus-1.dll
MOD - [2009.07.26 19:39:18 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.05.14 17:39:04 | 000,971,776 | ---- | M] () -- C:\Program Files (x86)\Mumble\libxml2.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012.11.16 21:44:58 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.11.16 15:27:28 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.03.13 16:06:20 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.13 16:04:08 | 000,968,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2013.03.08 09:29:03 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.05 19:11:04 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2013.02.05 16:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2013.01.31 10:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.01.23 21:13:30 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.01.13 18:08:22 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe -- (VideoDownloadConverter_4zService)
SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.01.08 00:50:44 | 000,020,608 | ---- | M] (Mr. John aka japamd) [Auto | Running] -- C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe -- (RadeonPro Support Service)
SRV - [2012.09.19 11:51:48 | 002,365,792 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.03.20 11:16:08 | 000,247,872 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.03.13 16:04:08 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013.01.23 20:07:23 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.12.27 01:26:12 | 000,805,088 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.11.16 22:08:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012.11.16 22:08:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.11.16 20:39:12 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.08.28 13:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012.08.20 15:48:50 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2012.08.20 15:48:48 | 000,012,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2012.06.05 13:45:16 | 000,237,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2012.03.05 15:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012.03.01 07:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.09.19 04:30:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:64bit: - [2009.09.19 04:30:14 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus)
DRV:64bit: - [2009.09.19 04:30:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.10.29 08:05:54 | 000,811,008 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2007.04.20 12:40:10 | 000,873,216 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\3xHybr64.sys -- (3xHybr64)
DRV - [2012.09.19 10:50:50 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2002.12.10 09:11:42 | 000,006,852 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\Vcs.sys -- (Vcs)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... e&tid=2938
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchab.com/?aff=7&uid=74f818f8 ... 242157054f
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... e&tid=2938
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si= ... e&tid=2938
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{A523EF49-D07C-43C1-878F-17D6923C6472}: "URL" = http://search.certified-toolbar.com?si= ... earchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.certified-toolbar.com?si= ... earchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 242157054F}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... e&tid=2938
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... e&tid=2938
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si= ... e&tid=2938
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\URLSearchHook: {93a3111f-4f74-4ed8-895e-d9708497629e} - No CLSID value found
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://searchab.com/?aff=7&uid=74f818f8 ... earchTerms}
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTer ... 242157054f
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... &ch_id=osd
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\SearchScopes\{A523EF49-D07C-43C1-878F-17D6923C6472}: "URL" = http://search.certified-toolbar.com?si= ... earchTerms}
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.certified-toolbar.com?si= ... earchTerms}
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 242157054F}
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "My Web Search"
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.selectedEngine: "My Web Search"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://home.mywebsearch.com/index.jhtml ... 3godDH0ABw"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsear ... searchfor="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://search.certified-toolbar.com?si= ... e&tid=2938"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.certified-toolbar.com?si= ... bs=true&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin: C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com: C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin [2013.01.13 18:08:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013.03.13 16:05:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 09:29:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.08 09:29:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 09:29:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.08 09:29:01 | 000,000,000 | ---D | M]
[2012.09.27 19:06:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Extensions
[2013.03.05 19:11:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions
[2013.03.05 19:11:03 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2013.03.05 19:09:16 | 000,000,000 | ---D | M] (BitTorrentControl_v12) -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
[2013.01.13 18:08:10 | 000,000,000 | ---D | M] (VideoDownloadConverter) -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
[2013.01.23 18:45:13 | 000,000,000 | ---D | M] (Zoomex) -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\51002736c081d@51002736c0854.com
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\icqplugin.xml
[2013.01.13 18:08:25 | 000,009,631 | ---- | M] () -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\my-web-search.xml
[2013.01.23 18:45:05 | 000,002,090 | ---- | M] () -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\Searchab.xml
[2013.01.12 23:09:54 | 000,003,998 | ---- | M] () -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\sweetim.xml
[2012.11.28 20:42:19 | 000,003,269 | ---- | M] () -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\Web Search.xml
[2013.03.08 09:29:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.03.08 09:29:00 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.03.08 09:29:03 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.03.13 16:05:14 | 000,003,716 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2013.01.23 20:08:44 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2013.02.19 22:12:15 | 000,002,421 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.19 22:12:15 | 000,000,851 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.02.19 22:12:15 | 000,001,580 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.19 22:12:15 | 000,000,867 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.11.28 20:42:19 | 000,003,269 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
[2013.02.19 22:12:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - homepage: http://www.google.com
O1 HOSTS File: ([2013.01.16 16:39:51 | 000,000,054 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Zoomex) - {031B4C0E-E357-91ED-FFFB-B328A08F972E} - C:\ProgramData\Zoomex\51002736c099f.dll ()
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Toolbar BHO) - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
O2 - BHO: (DownTango Launcher) - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll (Simplytech Ltd.)
O2 - BHO: (Reg Error: Value error.) - {95B7759C-8C7F-4BF1-B163-73684A933233} - Reg Error: Value error. File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Search Assistant BHO) - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (MindSpark)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (VideoDownloadConverter) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DownTango Launcher) - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll (Simplytech Ltd.)
O3 - HKLM\..\Toolbar: (Reg Error: Value error.) - {95B7759C-8C7F-4BF1-B163-73684A933233} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Guard.Mail.ru.gui] C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [VideoDownloadConverter Search Scope Monitor] C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrchMn.exe (MindSpark)
O4 - HKLM..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3594471807-556225314-2353248353-1000..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3594471807-556225314-2353248353-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-3594471807-556225314-2353248353-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F841DED-4C86-4BF8-A102-EC1A12C5C762}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D49ECB5D-EB87-4F8D-AD02-861BDD4BC4C2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F950E98A-990D-4AFB-BDBA-CB88415FF0B6}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O20 - AppInit_DLLs: (c:\progra~2\zoomex\sprote~1.dll) - c:\Program Files (x86)\ZoomEx\sprotector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.06.12 03:27:33 | 000,000,140 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{825f91cf-6551-11e2-b381-00242157054f}\Shell - "" = AutoRun
O33 - MountPoints2\{825f91cf-6551-11e2-b381-00242157054f}\Shell\AutoRun\command - "" = F:\Setup\rsrc\AUTORUN.EXE -- [2007.03.23 00:57:09 | 000,051,336 | R--- | M] ()
O33 - MountPoints2\{825f91cf-6551-11e2-b381-00242157054f}\Shell\dinstall\command - "" = F:\DirectX\DXSETUP.exe -- [2007.06.01 04:23:56 | 000,503,144 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{84cd154b-f4ae-11e1-8ef6-00242157054f}\Shell - "" = AutoRun
O33 - MountPoints2\{84cd154b-f4ae-11e1-8ef6-00242157054f}\Shell\AutoRun\command - "" = K:\Setup\rsrc\autorun.exe
O33 - MountPoints2\{84cd154b-f4ae-11e1-8ef6-00242157054f}\Shell\dinstall\command - "" = K:\Directx\dxsetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013.03.16 19:11:22 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Local\Anthropics
[2013.03.16 19:11:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Portrait Professional 11 Trial
[2013.03.16 19:10:59 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Local\Programs
[2013.03.14 15:25:07 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Roaming\VampireSaga
[2013.03.13 16:06:09 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Local\AVG Secure Search
[2013.03.13 16:05:27 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2013.03.13 16:05:26 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2013.03.13 16:05:26 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2013.03.13 16:05:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013.03.13 16:05:10 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2013.03.13 16:04:53 | 000,039,768 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.03.13 16:04:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2013.03.13 16:04:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2013.03.13 16:03:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2013.03.13 16:03:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.03.13 16:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\AmUStor
[2013.03.13 16:02:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AmIcoSingLun
[2013.03.13 16:00:50 | 001,567,744 | ---- | C] (Compro Technology, Inc.) -- C:\Windows\SysWow64\drivers\VMHybr64.sys
[2013.03.13 16:00:50 | 001,062,016 | ---- | C] (Compro Technology, Inc.) -- C:\Windows\SysWow64\drivers\VMHybrid.sys
[2013.03.13 16:00:39 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Local\AMD
[2013.03.13 16:00:27 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Roaming\ATI
[2013.03.13 16:00:27 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Local\ATI
[2013.03.13 16:00:27 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.03.13 16:00:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.03.13 16:00:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013.03.13 16:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013.03.13 16:00:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013.03.13 15:59:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013.03.13 15:59:03 | 000,805,088 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013.03.13 15:59:03 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2013.03.13 15:59:03 | 000,074,344 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2013.03.13 15:58:31 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013.03.13 15:58:27 | 000,046,136 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdiox64.sys
[2013.03.13 15:58:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013.03.13 15:54:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013.03.13 15:54:26 | 012,805,120 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2013.03.13 15:54:26 | 003,673,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2013.03.13 15:54:26 | 002,744,464 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2013.03.13 15:54:26 | 002,080,120 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2013.03.13 15:54:26 | 001,652,960 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2013.03.13 15:54:26 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
[2013.03.13 15:54:26 | 001,273,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2013.03.13 15:54:26 | 000,988,896 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2013.03.13 15:54:26 | 000,836,544 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2013.03.13 15:54:26 | 000,772,224 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2013.03.13 15:54:26 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013.03.13 15:54:26 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013.03.13 15:54:26 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2013.03.13 15:54:26 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013.03.13 15:54:26 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013.03.13 15:54:26 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2013.03.13 15:54:26 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013.03.13 15:54:26 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013.03.13 15:54:26 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013.03.13 15:54:26 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013.03.13 15:54:26 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2013.03.13 15:54:26 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
[2013.03.13 15:54:26 | 000,126,688 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2013.03.13 15:54:26 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013.03.13 15:54:26 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2013.03.13 15:54:26 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2013.03.13 15:54:26 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013.03.13 15:54:26 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2013.03.13 15:54:26 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
[2013.03.13 15:54:26 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2013.03.13 15:54:25 | 009,546,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2013.03.13 15:54:25 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2013.03.13 15:54:25 | 002,028,920 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2013.03.13 15:54:25 | 001,460,600 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2013.03.13 15:54:25 | 000,869,752 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2013.03.13 15:54:25 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2013.03.13 15:54:25 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2013.03.13 15:54:25 | 000,394,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2013.03.13 15:54:25 | 000,394,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2013.03.13 15:54:25 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013.03.13 15:54:25 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2013.03.13 15:54:25 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2013.03.13 15:54:25 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2013.03.13 15:54:24 | 002,714,720 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013.03.13 15:54:24 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2013.03.13 15:54:24 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2013.03.13 15:54:24 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2013.03.13 15:54:24 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2013.03.13 15:54:24 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2013.03.13 15:54:24 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2013.03.13 15:54:24 | 000,501,192 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2013.03.13 15:54:24 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2013.03.13 15:54:24 | 000,487,368 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2013.03.13 15:54:24 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2013.03.13 15:54:24 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2013.03.13 15:54:24 | 000,415,688 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2013.03.13 15:54:24 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2013.03.13 15:54:24 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2013.03.13 15:54:24 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2013.03.13 15:54:24 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2013.03.13 15:54:24 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2013.03.13 15:54:24 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2013.03.13 15:54:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013.03.13 15:54:22 | 002,079,968 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013.03.13 15:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013.03.13 15:53:39 | 003,746,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkHDM64.dll
[2013.03.13 15:53:39 | 002,526,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHDMEx64.dll
[2013.03.13 15:53:39 | 000,372,056 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64H.dll
[2013.03.13 15:53:39 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll
[2013.03.13 15:53:39 | 000,237,968 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys
[2013.03.13 15:53:39 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64H.dll
[2013.03.13 15:53:39 | 000,097,624 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64H.dll
[2013.03.13 15:53:39 | 000,092,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHCoInst64.dll
[2013.03.13 15:53:39 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64H.dll
[2013.03.13 15:53:38 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64H.dll
[2013.03.13 15:53:38 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64H.dll
[2013.03.13 15:53:38 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll
[2013.03.13 15:53:38 | 000,141,152 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64H.dll
[2013.03.13 15:53:38 | 000,123,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64H.dll
[2013.03.13 15:53:38 | 000,074,592 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64H.dll
[2013.03.13 15:53:37 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2013.03.13 15:51:58 | 000,058,536 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\usbfilter.sys
[2013.03.13 15:51:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013.03.13 15:51:44 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013.03.13 15:51:40 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013.03.13 15:47:46 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverGenius
[2013.03.13 15:46:14 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\Desktop\ghfkgfkf
[2013.03.13 15:46:01 | 003,669,504 | ---- | C] (Driver-Soft Inc.) -- C:\Users\Zdenda\Desktop\DriverGenius.exe
[2013.03.13 15:45:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius
[2013.03.13 15:45:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft
[2013.03.13 15:45:16 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\Desktop\TU
[2013.03.12 16:49:07 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\Desktop\Historické zvuky motorů (0.8.4)
[2013.03.11 21:59:20 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\Desktop\audio
[2013.03.08 09:28:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.03.07 19:57:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.03.07 19:57:22 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.03.07 19:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.03.07 19:55:04 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.03.07 19:55:03 | 000,000,000 | ---D | C] -- C:\rsit
[2013.03.07 19:54:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.03.07 11:54:22 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Roaming\The Curse of the Werewolves
[2013.03.06 20:27:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.03.06 20:26:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013.03.06 20:18:11 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.06 20:18:11 | 000,073,432 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.06 15:24:08 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Local\iCe_WoW_Launcher
[2013.03.05 19:11:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2013.03.05 19:11:07 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Roaming\ICQ Search
[2013.03.05 19:11:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guard-ICQ
[2013.03.05 19:11:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2013.03.05 19:08:03 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Roaming\BitTorrent
[2013.03.05 18:59:57 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013.03.05 18:59:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2013.03.05 18:59:40 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\.swt
[2013.03.05 12:33:31 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Roaming\AlawarEntertainment
[2013.03.02 12:40:20 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.03.19 22:00:51 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.03.19 21:26:10 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.19 21:26:10 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.19 21:19:07 | 000,000,360 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job
[2013.03.19 21:18:06 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.19 21:18:04 | 000,000,364 | -H-- | M] () -- C:\Windows\tasks\ZoomExUpdaterTask{B41D989F-F197-4DE5-A5EB-5963A0D22A5C}.job
[2013.03.19 21:18:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.19 21:17:54 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.19 21:06:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.19 21:05:01 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.19 12:52:04 | 001,575,230 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.19 12:52:04 | 000,665,706 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.03.19 12:52:04 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.19 12:52:04 | 000,139,402 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.03.19 12:52:04 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.17 19:03:14 | 000,062,647 | ---- | M] () -- C:\Users\Zdenda\Desktop\kucak.jpg
[2013.03.17 18:52:19 | 000,122,007 | ---- | M] () -- C:\Users\Zdenda\Desktop\415464_2817962468025_910306582_o.jpg
[2013.03.17 18:47:43 | 000,093,516 | ---- | M] () -- C:\Users\Zdenda\Desktop\598848_2883364863044_145860592_n.jpg
[2013.03.17 18:47:07 | 000,058,980 | ---- | M] () -- C:\Users\Zdenda\Desktop\553473_2799218999450_606372972_n.jpg
[2013.03.16 19:27:42 | 000,183,937 | ---- | M] () -- C:\Users\Zdenda\Desktop\pizap.com13634579270251.jpg
[2013.03.14 23:07:10 | 000,001,086 | ---- | M] () -- C:\Users\Public\Desktop\DaeMU Season V.lnk
[2013.03.13 20:08:17 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.13 17:58:46 | 000,001,256 | ---- | M] () -- C:\Users\Zdenda\Desktop\Vampire Saga Pandořina skříňka.lnk
[2013.03.13 17:58:32 | 000,001,824 | ---- | M] () -- C:\Users\Zdenda\Desktop\Hry.cz .lnk
[2013.03.13 16:06:19 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.13 16:06:19 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.13 16:05:23 | 000,002,209 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2013.03.13 16:05:23 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013.03.13 16:04:08 | 000,039,768 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.03.13 15:45:52 | 000,001,207 | ---- | M] () -- C:\Users\Zdenda\Desktop\Driver Genius.lnk
[2013.03.13 07:13:28 | 018,442,478 | ---- | M] () -- C:\Users\Zdenda\Desktop\Driver genius Proffesional Edition 12.0.0.1211.rar
[2013.03.07 19:57:23 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.03.07 11:53:03 | 000,001,272 | ---- | M] () -- C:\Users\Zdenda\Desktop\Prokletí vlkodlaků.lnk
[2013.03.06 20:27:13 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.03.05 19:13:28 | 000,001,259 | ---- | M] () -- C:\Users\Zdenda\Desktop\Star Trek Online.lnk
[2013.03.05 19:11:07 | 000,000,161 | ---- | M] () -- C:\Users\Public\Desktop\Hledat na webu.url
[2013.03.05 19:09:09 | 000,000,892 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2013.03.05 12:32:33 | 000,001,631 | ---- | M] () -- C:\Users\Zdenda\Desktop\Dům 1000 dveří Dlaň Zarathustry. Sběratelská edice.lnk
[2013.02.25 13:13:13 | 011,565,056 | ---- | M] () -- C:\Users\Zdenda\Desktop\iCe WoW Launcher.exe
[2013.02.17 22:10:33 | 000,007,605 | ---- | M] () -- C:\Users\Zdenda\AppData\Local\Resmon.ResmonCfg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zdenda\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,44 Gb Available Physical Memory | 60,98% Memory free
8,00 Gb Paging File | 6,03 Gb Available in Paging File | 75,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 488,18 Gb Total Space | 324,54 Gb Free Space | 66,48% Space Free | Partition Type: NTFS
Drive D: | 443,23 Gb Total Space | 303,30 Gb Free Space | 68,43% Space Free | Partition Type: NTFS
Drive F: | 6,32 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: ZDENDAPC | User Name: Zdenda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.03.19 21:56:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zdenda\Downloads\OTL.exe
PRC - [2013.03.13 16:06:19 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013.03.13 16:04:08 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2013.03.13 16:04:08 | 000,968,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
PRC - [2013.03.08 09:29:03 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.03.05 19:11:04 | 001,564,368 | ---- | M] () -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
PRC - [2013.02.05 16:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2013.01.31 10:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.01.23 21:13:30 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.01.13 18:08:22 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe
PRC - [2013.01.13 18:08:22 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
PRC - [2013.01.08 09:40:56 | 002,610,896 | ---- | M] (DT Soft Ltd) -- D:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
PRC - [2013.01.08 00:50:44 | 000,020,608 | ---- | M] (Mr. John aka japamd) -- C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
PRC - [2012.12.04 10:39:26 | 000,235,008 | ---- | M] () -- C:\ProgramData\Premium\ZoomEx\ZoomEx.exe
PRC - [2012.10.11 09:43:36 | 000,067,656 | ---- | M] (Simplygen) -- C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
PRC - [2012.10.04 16:34:36 | 000,115,032 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
PRC - [2012.08.15 19:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2012.03.20 11:16:08 | 000,247,872 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.01.07 23:46:14 | 003,193,528 | ---- | M] (Thorvald Natvig) -- C:\Program Files (x86)\Mumble\mumble.exe
PRC - [2009.10.10 15:50:22 | 000,142,008 | ---- | M] () -- C:\Program Files (x86)\Mumble\dbus-daemon.exe
PRC - [2009.07.14 02:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe
========== Modules (No Company Name) ==========
MOD - [2013.03.13 16:06:19 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013.03.13 16:04:08 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2013.03.13 16:04:08 | 000,156,848 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll
MOD - [2013.03.08 09:29:03 | 003,069,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.03.05 19:11:04 | 001,564,368 | ---- | M] () -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
MOD - [2013.01.15 17:51:44 | 001,168,384 | ---- | M] () -- c:\Program Files (x86)\ZoomEx\sprotector.dll
MOD - [2012.12.04 10:39:26 | 000,235,008 | ---- | M] () -- C:\ProgramData\Premium\ZoomEx\ZoomEx.exe
MOD - [2012.09.03 15:58:30 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
MOD - [2012.09.03 15:58:22 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
MOD - [2012.09.03 15:57:58 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012.09.03 15:57:52 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2010.01.07 23:49:54 | 000,014,520 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\bf2142.dll
MOD - [2010.01.07 23:49:54 | 000,014,520 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\bf2.dll
MOD - [2010.01.07 23:49:54 | 000,013,496 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\codmw2.dll
MOD - [2010.01.07 23:49:54 | 000,012,984 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\cod2.dll
MOD - [2010.01.07 23:49:52 | 000,018,104 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\insurgency.dll
MOD - [2010.01.07 23:49:52 | 000,018,104 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\aoc.dll
MOD - [2010.01.07 23:49:52 | 000,014,520 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\bfheroes.dll
MOD - [2010.01.07 23:49:52 | 000,013,496 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\link.dll
MOD - [2010.01.07 23:49:52 | 000,013,496 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\codmw2so.dll
MOD - [2010.01.07 23:49:52 | 000,013,496 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\cod5.dll
MOD - [2010.01.07 23:49:50 | 000,066,232 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\manual.dll
MOD - [2010.01.07 23:49:50 | 000,017,080 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\wow.dll
MOD - [2010.01.07 23:49:50 | 000,015,032 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\lotro.dll
MOD - [2010.01.07 23:49:50 | 000,014,520 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\ut3.dll
MOD - [2010.01.07 23:49:50 | 000,014,520 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\ut2004.dll
MOD - [2010.01.07 23:49:50 | 000,014,520 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\bf1942.dll
MOD - [2010.01.07 23:49:48 | 000,018,104 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\gmod.dll
MOD - [2010.01.07 23:49:48 | 000,018,104 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\dys.dll
MOD - [2010.01.07 23:49:48 | 000,017,592 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\tf2.dll
MOD - [2010.01.07 23:49:48 | 000,015,032 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\etqw.dll
MOD - [2010.01.07 23:49:46 | 000,018,104 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\hl2dm.dll
MOD - [2010.01.07 23:49:46 | 000,018,104 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\dods.dll
MOD - [2010.01.07 23:49:46 | 000,018,104 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\css.dll
MOD - [2010.01.07 23:49:46 | 000,015,032 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\cod4.dll
MOD - [2010.01.07 23:49:46 | 000,014,520 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\l4d.dll
MOD - [2010.01.07 23:49:46 | 000,013,496 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\wolfet.dll
MOD - [2010.01.07 23:46:26 | 002,345,656 | ---- | M] () -- C:\Program Files (x86)\Mumble\speex.sse2.dll
MOD - [2010.01.07 23:46:22 | 000,133,816 | ---- | M] () -- C:\Program Files (x86)\Mumble\mumble_ol.dll
MOD - [2010.01.07 23:46:22 | 000,118,456 | ---- | M] () -- C:\Program Files (x86)\Mumble\celt.0.7.0.sse2.dll
MOD - [2010.01.07 13:48:56 | 002,348,216 | ---- | M] () -- C:\Program Files (x86)\Mumble\libprotobuf.dll
MOD - [2010.01.07 13:48:44 | 000,039,096 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\iconengines\qsvgicon4.dll
MOD - [2010.01.07 13:48:42 | 000,283,832 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qtiff4.dll
MOD - [2010.01.07 13:48:38 | 000,020,664 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qsvg4.dll
MOD - [2010.01.07 13:48:34 | 000,230,072 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qmng4.dll
MOD - [2010.01.07 13:48:32 | 000,128,184 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qjpeg4.dll
MOD - [2010.01.07 13:48:28 | 000,030,392 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qico4.dll
MOD - [2010.01.07 13:48:26 | 000,025,784 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qgif4.dll
MOD - [2010.01.07 13:48:06 | 000,324,792 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtXml4.dll
MOD - [2010.01.07 13:47:56 | 000,264,888 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtSvg4.dll
MOD - [2010.01.07 13:47:52 | 000,640,184 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtSql4.dll
MOD - [2010.01.07 13:47:42 | 000,619,704 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtOpenGL4.dll
MOD - [2010.01.07 13:47:40 | 000,923,320 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtNetwork4.dll
MOD - [2010.01.07 13:47:30 | 007,660,728 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtGui4.dll
MOD - [2010.01.07 13:47:18 | 000,358,584 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtDBus4.dll
MOD - [2010.01.07 13:47:16 | 002,109,624 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtCore4.dll
MOD - [2009.12.14 06:33:12 | 001,758,720 | ---- | M] () -- C:\Program Files (x86)\Mumble\libsndfile-1.dll
MOD - [2009.11.05 21:12:32 | 002,359,296 | ---- | M] () -- C:\Program Files (x86)\Mumble\libmysql.dll
MOD - [2009.10.10 15:50:22 | 000,142,008 | ---- | M] () -- C:\Program Files (x86)\Mumble\dbus-daemon.exe
MOD - [2009.10.10 15:50:20 | 000,560,312 | ---- | M] () -- C:\Program Files (x86)\Mumble\dbus-1.dll
MOD - [2009.07.26 19:39:18 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.05.14 17:39:04 | 000,971,776 | ---- | M] () -- C:\Program Files (x86)\Mumble\libxml2.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012.11.16 21:44:58 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.11.16 15:27:28 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.03.13 16:06:20 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.13 16:04:08 | 000,968,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2013.03.08 09:29:03 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.05 19:11:04 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2013.02.05 16:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2013.01.31 10:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.01.23 21:13:30 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.01.13 18:08:22 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe -- (VideoDownloadConverter_4zService)
SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.01.08 00:50:44 | 000,020,608 | ---- | M] (Mr. John aka japamd) [Auto | Running] -- C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe -- (RadeonPro Support Service)
SRV - [2012.09.19 11:51:48 | 002,365,792 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.03.20 11:16:08 | 000,247,872 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.03.13 16:04:08 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013.01.23 20:07:23 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.12.27 01:26:12 | 000,805,088 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.11.16 22:08:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012.11.16 22:08:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.11.16 20:39:12 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.08.28 13:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012.08.20 15:48:50 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2012.08.20 15:48:48 | 000,012,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2012.06.05 13:45:16 | 000,237,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2012.03.05 15:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012.03.01 07:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.09.19 04:30:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:64bit: - [2009.09.19 04:30:14 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus)
DRV:64bit: - [2009.09.19 04:30:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.10.29 08:05:54 | 000,811,008 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2007.04.20 12:40:10 | 000,873,216 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\3xHybr64.sys -- (3xHybr64)
DRV - [2012.09.19 10:50:50 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2002.12.10 09:11:42 | 000,006,852 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\Vcs.sys -- (Vcs)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... e&tid=2938
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchab.com/?aff=7&uid=74f818f8 ... 242157054f
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... e&tid=2938
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si= ... e&tid=2938
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{A523EF49-D07C-43C1-878F-17D6923C6472}: "URL" = http://search.certified-toolbar.com?si= ... earchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.certified-toolbar.com?si= ... earchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 242157054F}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... e&tid=2938
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... e&tid=2938
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si= ... e&tid=2938
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\URLSearchHook: {93a3111f-4f74-4ed8-895e-d9708497629e} - No CLSID value found
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://searchab.com/?aff=7&uid=74f818f8 ... earchTerms}
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTer ... 242157054f
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... &ch_id=osd
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\SearchScopes\{A523EF49-D07C-43C1-878F-17D6923C6472}: "URL" = http://search.certified-toolbar.com?si= ... earchTerms}
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.certified-toolbar.com?si= ... earchTerms}
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 242157054F}
IE - HKU\S-1-5-21-3594471807-556225314-2353248353-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "My Web Search"
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.selectedEngine: "My Web Search"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://home.mywebsearch.com/index.jhtml ... 3godDH0ABw"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsear ... searchfor="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://search.certified-toolbar.com?si= ... e&tid=2938"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.certified-toolbar.com?si= ... bs=true&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin: C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com: C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin [2013.01.13 18:08:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013.03.13 16:05:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 09:29:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.08 09:29:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 09:29:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.08 09:29:01 | 000,000,000 | ---D | M]
[2012.09.27 19:06:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Extensions
[2013.03.05 19:11:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions
[2013.03.05 19:11:03 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2013.03.05 19:09:16 | 000,000,000 | ---D | M] (BitTorrentControl_v12) -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
[2013.01.13 18:08:10 | 000,000,000 | ---D | M] (VideoDownloadConverter) -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
[2013.01.23 18:45:13 | 000,000,000 | ---D | M] (Zoomex) -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\51002736c081d@51002736c0854.com
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\icqplugin.xml
[2013.01.13 18:08:25 | 000,009,631 | ---- | M] () -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\my-web-search.xml
[2013.01.23 18:45:05 | 000,002,090 | ---- | M] () -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\Searchab.xml
[2013.01.12 23:09:54 | 000,003,998 | ---- | M] () -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\sweetim.xml
[2012.11.28 20:42:19 | 000,003,269 | ---- | M] () -- C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\Web Search.xml
[2013.03.08 09:29:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.03.08 09:29:00 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.03.08 09:29:03 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.03.13 16:05:14 | 000,003,716 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2013.01.23 20:08:44 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2013.02.19 22:12:15 | 000,002,421 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.19 22:12:15 | 000,000,851 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.02.19 22:12:15 | 000,001,580 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.19 22:12:15 | 000,000,867 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.11.28 20:42:19 | 000,003,269 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
[2013.02.19 22:12:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - homepage: http://www.google.com
O1 HOSTS File: ([2013.01.16 16:39:51 | 000,000,054 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Zoomex) - {031B4C0E-E357-91ED-FFFB-B328A08F972E} - C:\ProgramData\Zoomex\51002736c099f.dll ()
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Toolbar BHO) - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
O2 - BHO: (DownTango Launcher) - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll (Simplytech Ltd.)
O2 - BHO: (Reg Error: Value error.) - {95B7759C-8C7F-4BF1-B163-73684A933233} - Reg Error: Value error. File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Search Assistant BHO) - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (MindSpark)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (VideoDownloadConverter) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DownTango Launcher) - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll (Simplytech Ltd.)
O3 - HKLM\..\Toolbar: (Reg Error: Value error.) - {95B7759C-8C7F-4BF1-B163-73684A933233} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Guard.Mail.ru.gui] C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [VideoDownloadConverter Search Scope Monitor] C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrchMn.exe (MindSpark)
O4 - HKLM..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3594471807-556225314-2353248353-1000..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3594471807-556225314-2353248353-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-3594471807-556225314-2353248353-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F841DED-4C86-4BF8-A102-EC1A12C5C762}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D49ECB5D-EB87-4F8D-AD02-861BDD4BC4C2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F950E98A-990D-4AFB-BDBA-CB88415FF0B6}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O20 - AppInit_DLLs: (c:\progra~2\zoomex\sprote~1.dll) - c:\Program Files (x86)\ZoomEx\sprotector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.06.12 03:27:33 | 000,000,140 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{825f91cf-6551-11e2-b381-00242157054f}\Shell - "" = AutoRun
O33 - MountPoints2\{825f91cf-6551-11e2-b381-00242157054f}\Shell\AutoRun\command - "" = F:\Setup\rsrc\AUTORUN.EXE -- [2007.03.23 00:57:09 | 000,051,336 | R--- | M] ()
O33 - MountPoints2\{825f91cf-6551-11e2-b381-00242157054f}\Shell\dinstall\command - "" = F:\DirectX\DXSETUP.exe -- [2007.06.01 04:23:56 | 000,503,144 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{84cd154b-f4ae-11e1-8ef6-00242157054f}\Shell - "" = AutoRun
O33 - MountPoints2\{84cd154b-f4ae-11e1-8ef6-00242157054f}\Shell\AutoRun\command - "" = K:\Setup\rsrc\autorun.exe
O33 - MountPoints2\{84cd154b-f4ae-11e1-8ef6-00242157054f}\Shell\dinstall\command - "" = K:\Directx\dxsetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013.03.16 19:11:22 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Local\Anthropics
[2013.03.16 19:11:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Portrait Professional 11 Trial
[2013.03.16 19:10:59 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Local\Programs
[2013.03.14 15:25:07 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Roaming\VampireSaga
[2013.03.13 16:06:09 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Local\AVG Secure Search
[2013.03.13 16:05:27 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2013.03.13 16:05:26 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2013.03.13 16:05:26 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2013.03.13 16:05:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013.03.13 16:05:10 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2013.03.13 16:04:53 | 000,039,768 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.03.13 16:04:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2013.03.13 16:04:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2013.03.13 16:03:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2013.03.13 16:03:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.03.13 16:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\AmUStor
[2013.03.13 16:02:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AmIcoSingLun
[2013.03.13 16:00:50 | 001,567,744 | ---- | C] (Compro Technology, Inc.) -- C:\Windows\SysWow64\drivers\VMHybr64.sys
[2013.03.13 16:00:50 | 001,062,016 | ---- | C] (Compro Technology, Inc.) -- C:\Windows\SysWow64\drivers\VMHybrid.sys
[2013.03.13 16:00:39 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Local\AMD
[2013.03.13 16:00:27 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Roaming\ATI
[2013.03.13 16:00:27 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Local\ATI
[2013.03.13 16:00:27 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.03.13 16:00:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.03.13 16:00:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013.03.13 16:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013.03.13 16:00:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013.03.13 15:59:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013.03.13 15:59:03 | 000,805,088 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013.03.13 15:59:03 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2013.03.13 15:59:03 | 000,074,344 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2013.03.13 15:58:31 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013.03.13 15:58:27 | 000,046,136 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdiox64.sys
[2013.03.13 15:58:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013.03.13 15:54:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013.03.13 15:54:26 | 012,805,120 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2013.03.13 15:54:26 | 003,673,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2013.03.13 15:54:26 | 002,744,464 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2013.03.13 15:54:26 | 002,080,120 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2013.03.13 15:54:26 | 001,652,960 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2013.03.13 15:54:26 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
[2013.03.13 15:54:26 | 001,273,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2013.03.13 15:54:26 | 000,988,896 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2013.03.13 15:54:26 | 000,836,544 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2013.03.13 15:54:26 | 000,772,224 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2013.03.13 15:54:26 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013.03.13 15:54:26 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013.03.13 15:54:26 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2013.03.13 15:54:26 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013.03.13 15:54:26 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013.03.13 15:54:26 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2013.03.13 15:54:26 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013.03.13 15:54:26 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013.03.13 15:54:26 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013.03.13 15:54:26 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013.03.13 15:54:26 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2013.03.13 15:54:26 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
[2013.03.13 15:54:26 | 000,126,688 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2013.03.13 15:54:26 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013.03.13 15:54:26 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2013.03.13 15:54:26 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2013.03.13 15:54:26 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013.03.13 15:54:26 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2013.03.13 15:54:26 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
[2013.03.13 15:54:26 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2013.03.13 15:54:25 | 009,546,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2013.03.13 15:54:25 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2013.03.13 15:54:25 | 002,028,920 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2013.03.13 15:54:25 | 001,460,600 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2013.03.13 15:54:25 | 000,869,752 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2013.03.13 15:54:25 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2013.03.13 15:54:25 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2013.03.13 15:54:25 | 000,394,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2013.03.13 15:54:25 | 000,394,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2013.03.13 15:54:25 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013.03.13 15:54:25 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2013.03.13 15:54:25 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2013.03.13 15:54:25 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2013.03.13 15:54:24 | 002,714,720 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013.03.13 15:54:24 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2013.03.13 15:54:24 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2013.03.13 15:54:24 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2013.03.13 15:54:24 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2013.03.13 15:54:24 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2013.03.13 15:54:24 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2013.03.13 15:54:24 | 000,501,192 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2013.03.13 15:54:24 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2013.03.13 15:54:24 | 000,487,368 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2013.03.13 15:54:24 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2013.03.13 15:54:24 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2013.03.13 15:54:24 | 000,415,688 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2013.03.13 15:54:24 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2013.03.13 15:54:24 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2013.03.13 15:54:24 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2013.03.13 15:54:24 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2013.03.13 15:54:24 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2013.03.13 15:54:24 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2013.03.13 15:54:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013.03.13 15:54:22 | 002,079,968 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013.03.13 15:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013.03.13 15:53:39 | 003,746,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkHDM64.dll
[2013.03.13 15:53:39 | 002,526,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHDMEx64.dll
[2013.03.13 15:53:39 | 000,372,056 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64H.dll
[2013.03.13 15:53:39 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll
[2013.03.13 15:53:39 | 000,237,968 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys
[2013.03.13 15:53:39 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64H.dll
[2013.03.13 15:53:39 | 000,097,624 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64H.dll
[2013.03.13 15:53:39 | 000,092,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHCoInst64.dll
[2013.03.13 15:53:39 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64H.dll
[2013.03.13 15:53:38 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64H.dll
[2013.03.13 15:53:38 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64H.dll
[2013.03.13 15:53:38 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll
[2013.03.13 15:53:38 | 000,141,152 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64H.dll
[2013.03.13 15:53:38 | 000,123,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64H.dll
[2013.03.13 15:53:38 | 000,074,592 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64H.dll
[2013.03.13 15:53:37 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2013.03.13 15:51:58 | 000,058,536 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\usbfilter.sys
[2013.03.13 15:51:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013.03.13 15:51:44 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013.03.13 15:51:40 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013.03.13 15:47:46 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverGenius
[2013.03.13 15:46:14 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\Desktop\ghfkgfkf
[2013.03.13 15:46:01 | 003,669,504 | ---- | C] (Driver-Soft Inc.) -- C:\Users\Zdenda\Desktop\DriverGenius.exe
[2013.03.13 15:45:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius
[2013.03.13 15:45:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft
[2013.03.13 15:45:16 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\Desktop\TU
[2013.03.12 16:49:07 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\Desktop\Historické zvuky motorů (0.8.4)
[2013.03.11 21:59:20 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\Desktop\audio
[2013.03.08 09:28:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.03.07 19:57:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.03.07 19:57:22 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.03.07 19:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.03.07 19:55:04 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.03.07 19:55:03 | 000,000,000 | ---D | C] -- C:\rsit
[2013.03.07 19:54:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.03.07 11:54:22 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Roaming\The Curse of the Werewolves
[2013.03.06 20:27:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.03.06 20:26:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013.03.06 20:18:11 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.06 20:18:11 | 000,073,432 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.06 15:24:08 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Local\iCe_WoW_Launcher
[2013.03.05 19:11:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2013.03.05 19:11:07 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Roaming\ICQ Search
[2013.03.05 19:11:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guard-ICQ
[2013.03.05 19:11:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2013.03.05 19:08:03 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Roaming\BitTorrent
[2013.03.05 18:59:57 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013.03.05 18:59:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2013.03.05 18:59:40 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\.swt
[2013.03.05 12:33:31 | 000,000,000 | ---D | C] -- C:\Users\Zdenda\AppData\Roaming\AlawarEntertainment
[2013.03.02 12:40:20 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.03.19 22:00:51 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.03.19 21:26:10 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.19 21:26:10 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.19 21:19:07 | 000,000,360 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job
[2013.03.19 21:18:06 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.19 21:18:04 | 000,000,364 | -H-- | M] () -- C:\Windows\tasks\ZoomExUpdaterTask{B41D989F-F197-4DE5-A5EB-5963A0D22A5C}.job
[2013.03.19 21:18:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.19 21:17:54 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.19 21:06:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.19 21:05:01 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.19 12:52:04 | 001,575,230 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.19 12:52:04 | 000,665,706 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.03.19 12:52:04 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.19 12:52:04 | 000,139,402 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.03.19 12:52:04 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.17 19:03:14 | 000,062,647 | ---- | M] () -- C:\Users\Zdenda\Desktop\kucak.jpg
[2013.03.17 18:52:19 | 000,122,007 | ---- | M] () -- C:\Users\Zdenda\Desktop\415464_2817962468025_910306582_o.jpg
[2013.03.17 18:47:43 | 000,093,516 | ---- | M] () -- C:\Users\Zdenda\Desktop\598848_2883364863044_145860592_n.jpg
[2013.03.17 18:47:07 | 000,058,980 | ---- | M] () -- C:\Users\Zdenda\Desktop\553473_2799218999450_606372972_n.jpg
[2013.03.16 19:27:42 | 000,183,937 | ---- | M] () -- C:\Users\Zdenda\Desktop\pizap.com13634579270251.jpg
[2013.03.14 23:07:10 | 000,001,086 | ---- | M] () -- C:\Users\Public\Desktop\DaeMU Season V.lnk
[2013.03.13 20:08:17 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.13 17:58:46 | 000,001,256 | ---- | M] () -- C:\Users\Zdenda\Desktop\Vampire Saga Pandořina skříňka.lnk
[2013.03.13 17:58:32 | 000,001,824 | ---- | M] () -- C:\Users\Zdenda\Desktop\Hry.cz .lnk
[2013.03.13 16:06:19 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.13 16:06:19 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.13 16:05:23 | 000,002,209 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2013.03.13 16:05:23 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013.03.13 16:04:08 | 000,039,768 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.03.13 15:45:52 | 000,001,207 | ---- | M] () -- C:\Users\Zdenda\Desktop\Driver Genius.lnk
[2013.03.13 07:13:28 | 018,442,478 | ---- | M] () -- C:\Users\Zdenda\Desktop\Driver genius Proffesional Edition 12.0.0.1211.rar
[2013.03.07 19:57:23 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.03.07 11:53:03 | 000,001,272 | ---- | M] () -- C:\Users\Zdenda\Desktop\Prokletí vlkodlaků.lnk
[2013.03.06 20:27:13 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.03.05 19:13:28 | 000,001,259 | ---- | M] () -- C:\Users\Zdenda\Desktop\Star Trek Online.lnk
[2013.03.05 19:11:07 | 000,000,161 | ---- | M] () -- C:\Users\Public\Desktop\Hledat na webu.url
[2013.03.05 19:09:09 | 000,000,892 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2013.03.05 12:32:33 | 000,001,631 | ---- | M] () -- C:\Users\Zdenda\Desktop\Dům 1000 dveří Dlaň Zarathustry. Sběratelská edice.lnk
[2013.02.25 13:13:13 | 011,565,056 | ---- | M] () -- C:\Users\Zdenda\Desktop\iCe WoW Launcher.exe
[2013.02.17 22:10:33 | 000,007,605 | ---- | M] () -- C:\Users\Zdenda\AppData\Local\Resmon.ResmonCfg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
-
zdeny.m
- Návštěvník
- Příspěvky: 74
- Registrován: 29 lis 2004 18:54
- Bydliště: Holýšov
- Kontaktovat uživatele:
Re: dost se mi to spomalilo
[2013.03.19 22:00:51 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.03.17 19:03:14 | 000,062,647 | ---- | C] () -- C:\Users\Zdenda\Desktop\kucak.jpg
[2013.03.17 18:47:42 | 000,093,516 | ---- | C] () -- C:\Users\Zdenda\Desktop\598848_2883364863044_145860592_n.jpg
[2013.03.17 18:47:06 | 000,058,980 | ---- | C] () -- C:\Users\Zdenda\Desktop\553473_2799218999450_606372972_n.jpg
[2013.03.17 18:46:40 | 000,122,007 | ---- | C] () -- C:\Users\Zdenda\Desktop\415464_2817962468025_910306582_o.jpg
[2013.03.16 19:27:41 | 000,183,937 | ---- | C] () -- C:\Users\Zdenda\Desktop\pizap.com13634579270251.jpg
[2013.03.13 17:58:46 | 000,001,256 | ---- | C] () -- C:\Users\Zdenda\Desktop\Vampire Saga Pandořina skříňka.lnk
[2013.03.13 16:05:23 | 000,002,209 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2013.03.13 16:05:23 | 000,002,195 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013.03.13 16:05:23 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013.03.13 15:54:26 | 000,396,597 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2013.03.13 15:45:52 | 000,001,207 | ---- | C] () -- C:\Users\Zdenda\Desktop\Driver Genius.lnk
[2013.03.13 15:45:24 | 018,442,478 | ---- | C] () -- C:\Users\Zdenda\Desktop\Driver genius Proffesional Edition 12.0.0.1211.rar
[2013.03.10 21:38:45 | 000,006,852 | ---- | C] () -- C:\Windows\SysWow64\drivers\Vcs.sys
[2013.03.07 19:57:23 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.03.07 19:57:20 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.07 19:55:11 | 000,000,952 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.07 19:55:07 | 000,000,948 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.07 11:53:03 | 000,001,272 | ---- | C] () -- C:\Users\Zdenda\Desktop\Prokletí vlkodlaků.lnk
[2013.03.06 20:27:13 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.03.06 20:18:13 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.06 15:23:51 | 011,565,056 | ---- | C] () -- C:\Users\Zdenda\Desktop\iCe WoW Launcher.exe
[2013.03.05 19:13:28 | 000,001,259 | ---- | C] () -- C:\Users\Zdenda\Desktop\Star Trek Online.lnk
[2013.03.05 19:11:07 | 000,000,161 | ---- | C] () -- C:\Users\Public\Desktop\Hledat na webu.url
[2013.03.05 19:09:09 | 000,000,892 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2013.03.05 12:32:33 | 000,001,631 | ---- | C] () -- C:\Users\Zdenda\Desktop\Dům 1000 dveří Dlaň Zarathustry. Sběratelská edice.lnk
[2013.02.17 22:10:33 | 000,007,605 | ---- | C] () -- C:\Users\Zdenda\AppData\Local\Resmon.ResmonCfg
[2013.01.15 20:33:22 | 000,000,156 | ---- | C] () -- C:\Users\Zdenda\AppData\Local\SRDownloader.err
[2013.01.15 20:28:23 | 000,001,360 | ---- | C] () -- C:\Users\Zdenda\AppData\Local\SRDownloader.nast
[2012.12.27 16:59:58 | 000,765,952 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.12.27 16:59:58 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.12.27 16:59:58 | 000,008,704 | ---- | C] () -- C:\Windows\SysWow64\vidccleaner.exe
[2012.12.13 17:52:11 | 000,281,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.12.13 17:51:52 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.11.28 20:42:14 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe
[2012.11.17 09:43:00 | 001,553,692 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.16 21:01:08 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.11.16 21:01:08 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.09.02 07:15:37 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2012.09.01 20:29:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.04.18 18:39:10 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.01.31 19:51:04 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\.minecraft
[2013.01.18 17:32:26 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\4 Friends Games
[2013.03.05 12:33:31 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\AlawarEntertainment
[2012.11.29 20:39:36 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Babylon
[2013.03.07 20:00:08 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\BitTorrent
[2013.01.31 22:00:18 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Canneverbe Limited
[2013.03.07 20:00:08 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\DAEMON Tools Lite
[2013.02.05 18:42:46 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar
[2013.01.18 13:56:31 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Games
[2013.03.05 19:11:07 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\ICQ Search
[2013.01.12 23:57:56 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Mount&Blade
[2013.03.19 21:19:52 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Mumble
[2013.01.13 21:21:48 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\OpenOffice.org
[2013.01.16 16:55:48 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Princess Isabella
[2013.02.17 11:58:48 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\RadeonPro
[2012.12.27 16:59:57 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Samsung
[2013.01.28 12:19:56 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\skyz
[2013.01.21 11:15:11 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\spidla
[2013.03.07 11:54:23 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\The Curse of the Werewolves
[2013.03.05 22:15:20 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\TS3Client
[2013.01.31 22:17:34 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\TuneUp Software
[2013.01.18 13:07:30 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\V-Games
[2013.03.14 15:25:07 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\VampireSaga
[2012.09.02 12:49:05 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\wargaming.net
[2013.01.21 11:07:10 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Špidla Data Processing, s.r.o
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,586 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.01.12 23:09:06 | 000,000,360 | ---- | C] () -- C:\Windows\Tasks\AmiUpdXp.job
[2013.01.23 18:45:17 | 000,000,364 | -H-- | C] () -- C:\Windows\Tasks\ZoomExUpdaterTask{B41D989F-F197-4DE5-A5EB-5963A0D22A5C}.job
[2013.03.06 20:18:13 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.03.07 19:55:07 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.03.07 19:55:11 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< >
< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012.04.24 05:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 05:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012.04.24 06:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012.04.24 05:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.04.24 05:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012.04.24 06:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012.04.24 06:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2012.04.24 06:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\SysNative\cryptsvc.dll
[2012.04.24 06:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2012.04.24 05:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011.11.17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2012.06.04 08:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012.06.02 06:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 07:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe
< MD5 for: NDIS.SYS >
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 07:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 07:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvraid.sys
[2011.03.11 07:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 07:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.03.30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2012.03.30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.03.30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.01.31 19:51:04 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\.minecraft
[2013.01.18 17:32:26 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\4 Friends Games
[2012.09.01 20:50:12 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Adobe
[2013.03.05 12:33:31 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\AlawarEntertainment
[2013.03.13 16:00:27 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\ATI
[2012.11.29 20:39:36 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Babylon
[2013.03.07 20:00:08 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\BitTorrent
[2013.01.31 22:00:18 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Canneverbe Limited
[2013.03.07 20:00:08 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\DAEMON Tools Lite
[2013.02.05 18:42:46 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar
[2013.01.18 13:56:31 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Games
[2013.03.05 19:11:07 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\ICQ Search
[2012.09.01 20:39:39 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Identities
[2012.12.27 16:59:41 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\InstallShield
[2012.09.01 20:50:12 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Macromedia
[2009.07.14 08:45:14 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Media Center Programs
[2013.03.12 15:40:15 | 000,000,000 | --SD | M] -- C:\Users\Zdenda\AppData\Roaming\Microsoft
[2013.01.12 23:57:56 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Mount&Blade
[2012.09.27 19:06:22 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Mozilla
[2013.03.19 21:19:52 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Mumble
[2013.01.13 21:21:48 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\OpenOffice.org
[2013.01.16 16:55:48 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Princess Isabella
[2013.02.17 11:58:48 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\RadeonPro
[2012.12.27 16:59:57 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Samsung
[2013.03.19 21:19:10 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Skype
[2013.01.28 12:19:56 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\skyz
[2013.01.21 11:15:11 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\spidla
[2013.03.07 11:54:23 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\The Curse of the Werewolves
[2013.03.05 22:15:20 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\TS3Client
[2013.01.31 22:17:34 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\TuneUp Software
[2013.01.18 13:07:30 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\V-Games
[2013.03.14 15:25:07 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\VampireSaga
[2013.03.07 20:00:08 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Ventrilo
[2012.09.02 12:49:05 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\wargaming.net
[2012.09.02 05:11:57 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\WinRAR
[2013.01.21 11:07:10 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Špidla Data Processing, s.r.o
< %APPDATA%\*.exe /s >
[2013.03.05 19:09:09 | 001,133,392 | ---- | M] (BitTorrent Inc.) -- C:\Users\Zdenda\AppData\Roaming\BitTorrent\BitTorrent.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013.01.08 09:41:08 | 003,674,320 | ---- | M] (DT Soft Ltd)
"Sidebar" = C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 02:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.01.08 12:59:26 | 018,705,664 | R--- | M] (Skype Technologies S.A.)
"Pando Media Booster" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe -- [2013.03.05 19:02:36 | 000,507,984 | ---- | M] ()
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.03.19 22:00:51 | 000,000,512 | ---- | M] () MD5=49C4C6CE692C5F274AF86B156D3CC632 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2008.09.23 17:19:06 | 000,016,223 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\firecracker0001.OZJ
[2008.09.23 17:19:06 | 000,017,939 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\firecracker0002.OZJ
[2008.09.23 17:19:06 | 000,020,684 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\firecracker0003.OZJ
[2008.09.23 17:19:06 | 000,023,889 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\firecracker0004.OZJ
[2008.09.23 17:19:06 | 000,027,580 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\firecracker0005.OZJ
[2008.09.23 17:19:06 | 000,029,199 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\firecracker0006.OZJ
[2008.09.23 17:19:06 | 000,028,015 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\firecracker0007.OZJ
[2009.06.30 15:38:36 | 000,034,210 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\GoblinCrack.OZJ
[2008.05.20 17:23:32 | 000,011,320 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\knight_plancrack_a.bmd
[2008.05.26 11:10:42 | 000,005,648 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\knight_plancrack_b.bmd
[2008.04.24 16:01:00 | 000,160,240 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\knight_plancrack_grand.bmd
[2009.06.30 15:38:32 | 000,002,072 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\NpcGagoil_Crack01.bmd
[2009.06.30 15:38:32 | 000,004,428 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\NpcGagoil_Crack02.bmd
[2009.06.30 15:38:32 | 000,003,024 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\NpcGagoil_Crack03.bmd
[2003.01.13 08:38:06 | 000,003,448 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Item\firecracker.OZJ
[2009.06.30 15:38:36 | 000,034,210 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Monster\GoblinCrack.OZJ
[2006.07.03 10:30:54 | 000,016,685 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Object40\han_mcrack.OZJ
[2010.09.05 16:41:32 | 000,016,176 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Sound\eFirecracker1.wav
[2010.09.05 16:41:34 | 000,016,581 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Sound\eFirecracker2.wav
[2012.09.16 17:21:26 | 000,011,216 | ---- | M] () -- \Program Files (x86)\Hry.cz\Living Legends Ice Rose Collectors Edition\Data\Textures\Levels\21_Lift\Lamp_Crack.png
[2012.11.27 07:34:16 | 026,234,519 | ---- | M] () -- \Users\Zdenda\Desktop\Janina\Nová složka\Android hry\Plague Inc. v1.0.4 (billing cracked) By bobiras2009.apk
< *keygen* /s >
< *loader* /s >
[2013.03.13 16:04:07 | 000,019,497 | ---- | M] () -- \Program Files (x86)\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2012.09.01 21:08:46 | 000,000,195 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2010.11.30 00:32:34 | 000,170,288 | ---- | M] () -- \Program Files (x86)\Cheat Engine 6.2\Kernelmoduleunloader.exe
[2012.08.13 10:52:58 | 000,006,081 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2012.08.10 16:50:58 | 000,020,992 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2012.08.13 11:04:18 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2012.08.10 16:50:54 | 000,029,696 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2012.08.13 10:12:36 | 000,003,868 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2012.06.09 18:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.03.13 16:04:07 | 000,006,494 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1\modules\skin\ajax-loader.gif
[2013.03.13 16:04:07 | 000,000,729 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1\modules\skin\loader.gif
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012.10.01 12:36:00 | 000,387,800 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.bundle
[2012.07.09 23:11:00 | 000,693,704 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.dll
[2013.03.13 16:04:07 | 000,006,494 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\14.2.0.1\modules\skin\ajax-loader.gif
[2013.03.13 16:04:07 | 000,000,729 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\14.2.0.1\modules\skin\loader.gif
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.10.01 12:36:00 | 000,387,800 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.bundle
[2012.07.09 23:11:00 | 000,693,704 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.dll
[2009.12.24 00:57:55 | 000,069,632 | ---- | M] () -- \Users\Public\Games\Cryptic Studios\Star Trek Online\Live\PhysXLoader.dll
[2013.01.15 20:33:56 | 000,000,156 | ---- | M] () -- \Users\Zdenda\AppData\Local\SRDownloader.err
[2013.01.15 20:56:55 | 000,001,360 | ---- | M] () -- \Users\Zdenda\AppData\Local\SRDownloader.nast
[2013.01.23 20:08:12 | 000,057,728 | ---- | M] () -- \Users\Zdenda\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2013.01.23 20:08:13 | 000,057,728 | ---- | M] () -- \Users\Zdenda\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2013.01.23 20:08:13 | 000,057,728 | ---- | M] () -- \Users\Zdenda\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2013.01.23 20:08:14 | 000,057,728 | ---- | M] () -- \Users\Zdenda\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2013.01.23 20:08:15 | 000,057,728 | ---- | M] () -- \Users\Zdenda\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2013.01.23 20:08:15 | 000,061,770 | ---- | M] () -- \Users\Zdenda\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2013.01.23 20:08:16 | 000,061,770 | ---- | M] () -- \Users\Zdenda\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2012.07.17 13:18:16 | 000,009,051 | ---- | M] () -- \Users\Zdenda\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.07.17 13:18:16 | 000,016,119 | ---- | M] () -- \Users\Zdenda\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.07.17 13:18:16 | 000,018,434 | ---- | M] () -- \Users\Zdenda\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.07.17 13:18:16 | 000,009,283 | ---- | M] () -- \Users\Zdenda\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.07.17 13:18:16 | 000,001,898 | ---- | M] () -- \Users\Zdenda\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2013.02.15 12:27:58 | 000,000,847 | ---- | M] () -- \Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\chrome\CT3225826\content\tb\al\ac\img\ajax-loader.gif
[2013.02.15 12:27:58 | 000,001,135 | ---- | M] () -- \Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\chrome\CT3225826\content\tb\al\ac\img\loader-icon.png
[2013.02.15 12:27:58 | 000,003,208 | ---- | M] () -- \Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\chrome\CT3225826\content\tb\al\ui\gf\img\loader.gif
[2013.02.15 12:27:58 | 000,001,849 | ---- | M] () -- \Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\chrome\CT3225826\content\tb\al\wa\TWITTER\resources\ajax-loader.gif
[2013.01.28 12:25:47 | 000,191,687 | ---- | M] () -- \Users\Zdenda\Downloads\ModLoader.zip
[2012.11.28 20:41:32 | 004,424,376 | ---- | M] () -- \Users\Zdenda\Downloads\Root_for_california_acces_tab-GoClever_7500-unknow_Full_rk29.7z_downloader.exe
[2010.11.20 11:09:38 | 000,004,290 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_73a52105efe44483.manifest
[2010.11.20 13:33:18 | 000,004,338 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6.manifest
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.26 19:40:31 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.26 19:40:31 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.26 19:40:31 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.26 19:40:31 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.26 19:40:31 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2009.07.14 06:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 06:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009.07.14 06:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009.07.14 06:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009.07.14 06:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2012.09.02 12:13:26 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2012.09.02 12:13:27 | 000,640,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winload.efi_75834aa0
[2012.09.02 12:13:27 | 000,603,976 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winload.exe_75835076
[2012.09.02 12:13:27 | 000,556,928 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winresume.efi_85cd069f
[2012.09.02 12:13:27 | 000,518,160 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.26 19:38:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
[2013.03.17 19:03:14 | 000,062,647 | ---- | C] () -- C:\Users\Zdenda\Desktop\kucak.jpg
[2013.03.17 18:47:42 | 000,093,516 | ---- | C] () -- C:\Users\Zdenda\Desktop\598848_2883364863044_145860592_n.jpg
[2013.03.17 18:47:06 | 000,058,980 | ---- | C] () -- C:\Users\Zdenda\Desktop\553473_2799218999450_606372972_n.jpg
[2013.03.17 18:46:40 | 000,122,007 | ---- | C] () -- C:\Users\Zdenda\Desktop\415464_2817962468025_910306582_o.jpg
[2013.03.16 19:27:41 | 000,183,937 | ---- | C] () -- C:\Users\Zdenda\Desktop\pizap.com13634579270251.jpg
[2013.03.13 17:58:46 | 000,001,256 | ---- | C] () -- C:\Users\Zdenda\Desktop\Vampire Saga Pandořina skříňka.lnk
[2013.03.13 16:05:23 | 000,002,209 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2013.03.13 16:05:23 | 000,002,195 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013.03.13 16:05:23 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013.03.13 15:54:26 | 000,396,597 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2013.03.13 15:45:52 | 000,001,207 | ---- | C] () -- C:\Users\Zdenda\Desktop\Driver Genius.lnk
[2013.03.13 15:45:24 | 018,442,478 | ---- | C] () -- C:\Users\Zdenda\Desktop\Driver genius Proffesional Edition 12.0.0.1211.rar
[2013.03.10 21:38:45 | 000,006,852 | ---- | C] () -- C:\Windows\SysWow64\drivers\Vcs.sys
[2013.03.07 19:57:23 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.03.07 19:57:20 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.07 19:55:11 | 000,000,952 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.07 19:55:07 | 000,000,948 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.07 11:53:03 | 000,001,272 | ---- | C] () -- C:\Users\Zdenda\Desktop\Prokletí vlkodlaků.lnk
[2013.03.06 20:27:13 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.03.06 20:18:13 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.06 15:23:51 | 011,565,056 | ---- | C] () -- C:\Users\Zdenda\Desktop\iCe WoW Launcher.exe
[2013.03.05 19:13:28 | 000,001,259 | ---- | C] () -- C:\Users\Zdenda\Desktop\Star Trek Online.lnk
[2013.03.05 19:11:07 | 000,000,161 | ---- | C] () -- C:\Users\Public\Desktop\Hledat na webu.url
[2013.03.05 19:09:09 | 000,000,892 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2013.03.05 12:32:33 | 000,001,631 | ---- | C] () -- C:\Users\Zdenda\Desktop\Dům 1000 dveří Dlaň Zarathustry. Sběratelská edice.lnk
[2013.02.17 22:10:33 | 000,007,605 | ---- | C] () -- C:\Users\Zdenda\AppData\Local\Resmon.ResmonCfg
[2013.01.15 20:33:22 | 000,000,156 | ---- | C] () -- C:\Users\Zdenda\AppData\Local\SRDownloader.err
[2013.01.15 20:28:23 | 000,001,360 | ---- | C] () -- C:\Users\Zdenda\AppData\Local\SRDownloader.nast
[2012.12.27 16:59:58 | 000,765,952 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.12.27 16:59:58 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.12.27 16:59:58 | 000,008,704 | ---- | C] () -- C:\Windows\SysWow64\vidccleaner.exe
[2012.12.13 17:52:11 | 000,281,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.12.13 17:51:52 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.11.28 20:42:14 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe
[2012.11.17 09:43:00 | 001,553,692 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.16 21:01:08 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.11.16 21:01:08 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.09.02 07:15:37 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2012.09.01 20:29:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.04.18 18:39:10 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.01.31 19:51:04 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\.minecraft
[2013.01.18 17:32:26 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\4 Friends Games
[2013.03.05 12:33:31 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\AlawarEntertainment
[2012.11.29 20:39:36 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Babylon
[2013.03.07 20:00:08 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\BitTorrent
[2013.01.31 22:00:18 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Canneverbe Limited
[2013.03.07 20:00:08 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\DAEMON Tools Lite
[2013.02.05 18:42:46 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar
[2013.01.18 13:56:31 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Games
[2013.03.05 19:11:07 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\ICQ Search
[2013.01.12 23:57:56 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Mount&Blade
[2013.03.19 21:19:52 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Mumble
[2013.01.13 21:21:48 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\OpenOffice.org
[2013.01.16 16:55:48 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Princess Isabella
[2013.02.17 11:58:48 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\RadeonPro
[2012.12.27 16:59:57 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Samsung
[2013.01.28 12:19:56 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\skyz
[2013.01.21 11:15:11 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\spidla
[2013.03.07 11:54:23 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\The Curse of the Werewolves
[2013.03.05 22:15:20 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\TS3Client
[2013.01.31 22:17:34 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\TuneUp Software
[2013.01.18 13:07:30 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\V-Games
[2013.03.14 15:25:07 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\VampireSaga
[2012.09.02 12:49:05 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\wargaming.net
[2013.01.21 11:07:10 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Špidla Data Processing, s.r.o
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,586 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.01.12 23:09:06 | 000,000,360 | ---- | C] () -- C:\Windows\Tasks\AmiUpdXp.job
[2013.01.23 18:45:17 | 000,000,364 | -H-- | C] () -- C:\Windows\Tasks\ZoomExUpdaterTask{B41D989F-F197-4DE5-A5EB-5963A0D22A5C}.job
[2013.03.06 20:18:13 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.03.07 19:55:07 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.03.07 19:55:11 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< >
< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012.04.24 05:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 05:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012.04.24 06:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012.04.24 05:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.04.24 05:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012.04.24 06:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012.04.24 06:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2012.04.24 06:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\SysNative\cryptsvc.dll
[2012.04.24 06:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2012.04.24 05:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011.11.17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2012.06.04 08:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012.06.02 06:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 07:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe
< MD5 for: NDIS.SYS >
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 07:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 07:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvraid.sys
[2011.03.11 07:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 07:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.03.30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2012.03.30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.03.30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.01.31 19:51:04 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\.minecraft
[2013.01.18 17:32:26 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\4 Friends Games
[2012.09.01 20:50:12 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Adobe
[2013.03.05 12:33:31 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\AlawarEntertainment
[2013.03.13 16:00:27 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\ATI
[2012.11.29 20:39:36 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Babylon
[2013.03.07 20:00:08 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\BitTorrent
[2013.01.31 22:00:18 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Canneverbe Limited
[2013.03.07 20:00:08 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\DAEMON Tools Lite
[2013.02.05 18:42:46 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar
[2013.01.18 13:56:31 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Games
[2013.03.05 19:11:07 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\ICQ Search
[2012.09.01 20:39:39 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Identities
[2012.12.27 16:59:41 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\InstallShield
[2012.09.01 20:50:12 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Macromedia
[2009.07.14 08:45:14 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Media Center Programs
[2013.03.12 15:40:15 | 000,000,000 | --SD | M] -- C:\Users\Zdenda\AppData\Roaming\Microsoft
[2013.01.12 23:57:56 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Mount&Blade
[2012.09.27 19:06:22 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Mozilla
[2013.03.19 21:19:52 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Mumble
[2013.01.13 21:21:48 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\OpenOffice.org
[2013.01.16 16:55:48 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Princess Isabella
[2013.02.17 11:58:48 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\RadeonPro
[2012.12.27 16:59:57 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Samsung
[2013.03.19 21:19:10 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Skype
[2013.01.28 12:19:56 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\skyz
[2013.01.21 11:15:11 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\spidla
[2013.03.07 11:54:23 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\The Curse of the Werewolves
[2013.03.05 22:15:20 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\TS3Client
[2013.01.31 22:17:34 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\TuneUp Software
[2013.01.18 13:07:30 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\V-Games
[2013.03.14 15:25:07 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\VampireSaga
[2013.03.07 20:00:08 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Ventrilo
[2012.09.02 12:49:05 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\wargaming.net
[2012.09.02 05:11:57 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\WinRAR
[2013.01.21 11:07:10 | 000,000,000 | ---D | M] -- C:\Users\Zdenda\AppData\Roaming\Špidla Data Processing, s.r.o
< %APPDATA%\*.exe /s >
[2013.03.05 19:09:09 | 001,133,392 | ---- | M] (BitTorrent Inc.) -- C:\Users\Zdenda\AppData\Roaming\BitTorrent\BitTorrent.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013.01.08 09:41:08 | 003,674,320 | ---- | M] (DT Soft Ltd)
"Sidebar" = C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 02:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.01.08 12:59:26 | 018,705,664 | R--- | M] (Skype Technologies S.A.)
"Pando Media Booster" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe -- [2013.03.05 19:02:36 | 000,507,984 | ---- | M] ()
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.03.19 22:00:51 | 000,000,512 | ---- | M] () MD5=49C4C6CE692C5F274AF86B156D3CC632 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2008.09.23 17:19:06 | 000,016,223 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\firecracker0001.OZJ
[2008.09.23 17:19:06 | 000,017,939 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\firecracker0002.OZJ
[2008.09.23 17:19:06 | 000,020,684 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\firecracker0003.OZJ
[2008.09.23 17:19:06 | 000,023,889 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\firecracker0004.OZJ
[2008.09.23 17:19:06 | 000,027,580 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\firecracker0005.OZJ
[2008.09.23 17:19:06 | 000,029,199 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\firecracker0006.OZJ
[2008.09.23 17:19:06 | 000,028,015 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\firecracker0007.OZJ
[2009.06.30 15:38:36 | 000,034,210 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\GoblinCrack.OZJ
[2008.05.20 17:23:32 | 000,011,320 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\knight_plancrack_a.bmd
[2008.05.26 11:10:42 | 000,005,648 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\knight_plancrack_b.bmd
[2008.04.24 16:01:00 | 000,160,240 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\knight_plancrack_grand.bmd
[2009.06.30 15:38:32 | 000,002,072 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\NpcGagoil_Crack01.bmd
[2009.06.30 15:38:32 | 000,004,428 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\NpcGagoil_Crack02.bmd
[2009.06.30 15:38:32 | 000,003,024 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Effect\NpcGagoil_Crack03.bmd
[2003.01.13 08:38:06 | 000,003,448 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Item\firecracker.OZJ
[2009.06.30 15:38:36 | 000,034,210 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Monster\GoblinCrack.OZJ
[2006.07.03 10:30:54 | 000,016,685 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Object40\han_mcrack.OZJ
[2010.09.05 16:41:32 | 000,016,176 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Sound\eFirecracker1.wav
[2010.09.05 16:41:34 | 000,016,581 | ---- | M] () -- \Program Files (x86)\DaemonicMU Season V\Data\Sound\eFirecracker2.wav
[2012.09.16 17:21:26 | 000,011,216 | ---- | M] () -- \Program Files (x86)\Hry.cz\Living Legends Ice Rose Collectors Edition\Data\Textures\Levels\21_Lift\Lamp_Crack.png
[2012.11.27 07:34:16 | 026,234,519 | ---- | M] () -- \Users\Zdenda\Desktop\Janina\Nová složka\Android hry\Plague Inc. v1.0.4 (billing cracked) By bobiras2009.apk
< *keygen* /s >
< *loader* /s >
[2013.03.13 16:04:07 | 000,019,497 | ---- | M] () -- \Program Files (x86)\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2012.09.01 21:08:46 | 000,000,195 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2010.11.30 00:32:34 | 000,170,288 | ---- | M] () -- \Program Files (x86)\Cheat Engine 6.2\Kernelmoduleunloader.exe
[2012.08.13 10:52:58 | 000,006,081 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2012.08.10 16:50:58 | 000,020,992 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2012.08.13 11:04:18 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2012.08.10 16:50:54 | 000,029,696 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2012.08.13 10:12:36 | 000,003,868 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2012.06.09 18:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.03.13 16:04:07 | 000,006,494 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1\modules\skin\ajax-loader.gif
[2013.03.13 16:04:07 | 000,000,729 | ---- | M] () -- \ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1\modules\skin\loader.gif
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012.10.01 12:36:00 | 000,387,800 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.bundle
[2012.07.09 23:11:00 | 000,693,704 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.dll
[2013.03.13 16:04:07 | 000,006,494 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\14.2.0.1\modules\skin\ajax-loader.gif
[2013.03.13 16:04:07 | 000,000,729 | ---- | M] () -- \Users\All Users\AVG Secure Search\FireFoxExt\14.2.0.1\modules\skin\loader.gif
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.10.01 12:36:00 | 000,387,800 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.bundle
[2012.07.09 23:11:00 | 000,693,704 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.dll
[2009.12.24 00:57:55 | 000,069,632 | ---- | M] () -- \Users\Public\Games\Cryptic Studios\Star Trek Online\Live\PhysXLoader.dll
[2013.01.15 20:33:56 | 000,000,156 | ---- | M] () -- \Users\Zdenda\AppData\Local\SRDownloader.err
[2013.01.15 20:56:55 | 000,001,360 | ---- | M] () -- \Users\Zdenda\AppData\Local\SRDownloader.nast
[2013.01.23 20:08:12 | 000,057,728 | ---- | M] () -- \Users\Zdenda\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2013.01.23 20:08:13 | 000,057,728 | ---- | M] () -- \Users\Zdenda\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2013.01.23 20:08:13 | 000,057,728 | ---- | M] () -- \Users\Zdenda\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2013.01.23 20:08:14 | 000,057,728 | ---- | M] () -- \Users\Zdenda\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2013.01.23 20:08:15 | 000,057,728 | ---- | M] () -- \Users\Zdenda\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2013.01.23 20:08:15 | 000,061,770 | ---- | M] () -- \Users\Zdenda\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2013.01.23 20:08:16 | 000,061,770 | ---- | M] () -- \Users\Zdenda\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2012.07.17 13:18:16 | 000,009,051 | ---- | M] () -- \Users\Zdenda\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.07.17 13:18:16 | 000,016,119 | ---- | M] () -- \Users\Zdenda\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.07.17 13:18:16 | 000,018,434 | ---- | M] () -- \Users\Zdenda\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.07.17 13:18:16 | 000,009,283 | ---- | M] () -- \Users\Zdenda\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.07.17 13:18:16 | 000,001,898 | ---- | M] () -- \Users\Zdenda\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2013.02.15 12:27:58 | 000,000,847 | ---- | M] () -- \Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\chrome\CT3225826\content\tb\al\ac\img\ajax-loader.gif
[2013.02.15 12:27:58 | 000,001,135 | ---- | M] () -- \Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\chrome\CT3225826\content\tb\al\ac\img\loader-icon.png
[2013.02.15 12:27:58 | 000,003,208 | ---- | M] () -- \Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\chrome\CT3225826\content\tb\al\ui\gf\img\loader.gif
[2013.02.15 12:27:58 | 000,001,849 | ---- | M] () -- \Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\chrome\CT3225826\content\tb\al\wa\TWITTER\resources\ajax-loader.gif
[2013.01.28 12:25:47 | 000,191,687 | ---- | M] () -- \Users\Zdenda\Downloads\ModLoader.zip
[2012.11.28 20:41:32 | 004,424,376 | ---- | M] () -- \Users\Zdenda\Downloads\Root_for_california_acces_tab-GoClever_7500-unknow_Full_rk29.7z_downloader.exe
[2010.11.20 11:09:38 | 000,004,290 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_73a52105efe44483.manifest
[2010.11.20 13:33:18 | 000,004,338 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6.manifest
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.26 19:40:31 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.26 19:40:31 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.26 19:40:31 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.26 19:40:31 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.26 19:40:31 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2009.07.14 06:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 06:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009.07.14 06:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009.07.14 06:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009.07.14 06:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2012.09.02 12:13:26 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2012.09.02 12:13:27 | 000,640,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winload.efi_75834aa0
[2012.09.02 12:13:27 | 000,603,976 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winload.exe_75835076
[2012.09.02 12:13:27 | 000,556,928 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winresume.efi_85cd069f
[2012.09.02 12:13:27 | 000,518,160 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.26 19:38:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
-
zdeny.m
- Návštěvník
- Příspěvky: 74
- Registrován: 29 lis 2004 18:54
- Bydliště: Holýšov
- Kontaktovat uživatele:
Re: dost se mi to spomalilo
< *activator* /s >
[2012.09.19 11:50:18 | 000,318,304 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\ProgramDeactivator.exe
[2012.09.19 11:51:48 | 000,112,992 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe
[2009.09.25 14:00:00 | 000,003,006 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\deinstallation_programDeactivator_40x40.png
[2009.09.25 14:00:00 | 000,001,534 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\icon_ProgramDeactivator_16.png
[2009.09.25 14:00:00 | 000,004,191 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\icon_ProgramDeactivator_24x24.png
[2009.09.25 14:00:00 | 000,003,100 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\icon_ProgramDeactivator_32.png
[2009.09.25 14:00:00 | 000,006,373 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\icon_ProgramDeactivator_64.png
[2009.09.25 14:00:00 | 000,004,191 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\Integrator\images\panel2\iconProgramDeactivator.png
[2009.09.25 14:00:00 | 000,001,534 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\Integrator\images\panel6\ProgramDeactivator_16x16.png
[2013.03.13 16:05:23 | 000,002,461 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\All functions\TuneUp Program Deactivator.lnk
[2013.03.13 16:05:23 | 000,002,461 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\All functions\TuneUp Program Deactivator.lnk
< *serial* /s >
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.06.10 21:30:43 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.07.26 19:39:28 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.09.03 15:58:30 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\35fcbda2532ece23d09a044aa2ef62a4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.09.03 16:20:49 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3848d7865bda88a9e94e03480b5ada2f\System.Runtime.Serialization.ni.dll
[2009.07.14 05:56:20 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\39e53f507d9cbc5c10a2f47c4b0d09dd\System.Runtime.Serialization.ni.dll
[2009.07.14 05:55:32 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d57d865568209a71d63739fa448ed6df\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2009.07.14 05:59:40 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\12aaff696a0c54773664b4c5407deaa2\System.Runtime.Serialization.ni.dll
[2012.09.03 16:04:26 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\3805923cd6a0d7c9c4c872c1ede4619d\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2009.07.14 05:57:59 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\d0c6d3aadce1e38bbcb06905e132a503\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.09.03 16:12:15 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\f37d2ca916cafdabe1c4f6f9c6b2c518\System.Runtime.Serialization.ni.dll
[2012.09.03 17:25:24 | 000,310,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ff3383438d688a0118d0fa19ed1dc4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.09.03 17:25:20 | 002,625,024 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
[2012.09.03 16:16:38 | 003,375,616 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\08fba6b56d838ad48b4451c82e5728d4\System.Runtime.Serialization.ni.dll
[2012.09.03 16:16:48 | 000,374,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\b468f9d8655e91b7a6aa11473eca4a97\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.09.03 16:08:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.09.03 16:02:58 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.03 16:08:15 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.09.03 16:02:57 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.26 19:39:30 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 01:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 01:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.26 19:39:27 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.06.10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 01:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 01:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2010.11.20 04:55:00 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_hu-hu_1778ab4419ab99ad.manifest
[2010.11.20 04:50:38 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_nl-nl_28520112cd09eae9.manifest
[2010.11.20 04:54:56 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_sv-se_0bbde5ad62777806.manifest
[2010.11.20 05:45:14 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_zh-cn_493a46a2345c6076.manifest
[2010.11.20 05:43:54 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_zh-tw_48d9179c34a52b86.manifest
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.26 19:39:19 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:10:04 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2009.07.26 19:36:24 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.26 19:39:19 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 03:10:04 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\en-US\serialui.dll.mui
[2009.07.26 19:36:24 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2009.07.26 19:39:27 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.26 19:39:30 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:26:50 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781\serialui.dll.mui
[2009.07.26 19:36:23 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2009.07.26 19:39:32 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 03:30:28 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2009.06.10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2012.09.02 12:13:27 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2012.09.02 12:13:27 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933_kdcom.dll_db5e7744
[2009.07.26 19:40:31 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 06:37:34 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781_serialui.dll.mui_7d29d2a3
[2009.07.26 19:36:50 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.26 19:40:36 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 06:37:35 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2009.07.26 19:36:48 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 05:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2009.07.14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 05:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 04:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2009.07.26 19:38:37 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 03:42:40 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 04:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 04:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.26 19:39:28 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2009.07.26 19:39:30 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.26 19:39:19 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:10:04 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2009.07.26 19:36:24 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
< *w7lxe* /s >
< End of report >
[2012.09.19 11:50:18 | 000,318,304 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\ProgramDeactivator.exe
[2012.09.19 11:51:48 | 000,112,992 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe
[2009.09.25 14:00:00 | 000,003,006 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\deinstallation_programDeactivator_40x40.png
[2009.09.25 14:00:00 | 000,001,534 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\icon_ProgramDeactivator_16.png
[2009.09.25 14:00:00 | 000,004,191 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\icon_ProgramDeactivator_24x24.png
[2009.09.25 14:00:00 | 000,003,100 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\icon_ProgramDeactivator_32.png
[2009.09.25 14:00:00 | 000,006,373 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\icon_ProgramDeactivator_64.png
[2009.09.25 14:00:00 | 000,004,191 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\Integrator\images\panel2\iconProgramDeactivator.png
[2009.09.25 14:00:00 | 000,001,534 | ---- | M] () -- \Program Files (x86)\TuneUp Utilities 2013\data\Integrator\images\panel6\ProgramDeactivator_16x16.png
[2013.03.13 16:05:23 | 000,002,461 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\All functions\TuneUp Program Deactivator.lnk
[2013.03.13 16:05:23 | 000,002,461 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\All functions\TuneUp Program Deactivator.lnk
< *serial* /s >
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.06.10 21:30:43 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.07.26 19:39:28 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.09.03 15:58:30 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\35fcbda2532ece23d09a044aa2ef62a4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.09.03 16:20:49 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3848d7865bda88a9e94e03480b5ada2f\System.Runtime.Serialization.ni.dll
[2009.07.14 05:56:20 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\39e53f507d9cbc5c10a2f47c4b0d09dd\System.Runtime.Serialization.ni.dll
[2009.07.14 05:55:32 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d57d865568209a71d63739fa448ed6df\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2009.07.14 05:59:40 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\12aaff696a0c54773664b4c5407deaa2\System.Runtime.Serialization.ni.dll
[2012.09.03 16:04:26 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\3805923cd6a0d7c9c4c872c1ede4619d\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2009.07.14 05:57:59 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\d0c6d3aadce1e38bbcb06905e132a503\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.09.03 16:12:15 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\f37d2ca916cafdabe1c4f6f9c6b2c518\System.Runtime.Serialization.ni.dll
[2012.09.03 17:25:24 | 000,310,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ff3383438d688a0118d0fa19ed1dc4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.09.03 17:25:20 | 002,625,024 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
[2012.09.03 16:16:38 | 003,375,616 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\08fba6b56d838ad48b4451c82e5728d4\System.Runtime.Serialization.ni.dll
[2012.09.03 16:16:48 | 000,374,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\b468f9d8655e91b7a6aa11473eca4a97\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.09.03 16:08:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.09.03 16:02:58 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.03 16:08:15 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.09.03 16:02:57 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.26 19:39:30 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 01:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 01:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.26 19:39:27 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.06.10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 01:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 01:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2010.11.20 04:55:00 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_hu-hu_1778ab4419ab99ad.manifest
[2010.11.20 04:50:38 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_nl-nl_28520112cd09eae9.manifest
[2010.11.20 04:54:56 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_sv-se_0bbde5ad62777806.manifest
[2010.11.20 05:45:14 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_zh-cn_493a46a2345c6076.manifest
[2010.11.20 05:43:54 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17514_zh-tw_48d9179c34a52b86.manifest
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.26 19:39:19 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:10:04 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2009.07.26 19:36:24 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.26 19:39:19 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 03:10:04 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\en-US\serialui.dll.mui
[2009.07.26 19:36:24 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2009.07.26 19:39:27 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.26 19:39:30 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:26:50 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781\serialui.dll.mui
[2009.07.26 19:36:23 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2009.07.26 19:39:32 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 03:30:28 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2009.06.10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2012.09.02 12:13:27 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2012.09.02 12:13:27 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933_kdcom.dll_db5e7744
[2009.07.26 19:40:31 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 06:37:34 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781_serialui.dll.mui_7d29d2a3
[2009.07.26 19:36:50 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.26 19:40:36 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 06:37:35 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2009.07.26 19:36:48 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 05:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2009.07.14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 05:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 04:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2009.07.26 19:38:37 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 03:42:40 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 04:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 04:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.26 19:39:28 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2009.07.26 19:39:30 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.26 19:39:19 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:10:04 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2009.07.26 19:36:24 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.26 19:39:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
< *w7lxe* /s >
< End of report >
-
zdeny.m
- Návštěvník
- Příspěvky: 74
- Registrován: 29 lis 2004 18:54
- Bydliště: Holýšov
- Kontaktovat uživatele:
Re: dost se mi to spomalilo
+ zasilam znova RSIT log neco mi zamklo slozky a mam pocit ze tu mam nakej keyloger spis mam strach ale nemuzu ho najit
Logfile of random's system information tool 1.08 (written by random/random)
Run by Zdenda at 2013-03-26 20:04:47
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 327 GB (65%) free of 500 GB
Total RAM: 4095 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:04:57, on 26.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
D:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\Mumble\mumble.exe
D:\Games\World_of_Tanks\WorldOfTanks.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe
C:\Program Files\trend micro\Zdenda.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchab.com/?aff=7&uid=74f818f8 ... 242157054f
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: Zoomex - {031B4C0E-E357-91ED-FFFB-B328A08F972E} - C:\ProgramData\Zoomex\51002736c099f.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll
O2 - BHO: DownTango Launcher - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: DownTango Launcher - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O9 - Extra button: (no name) - {5f7f7e76-0f61-4de9-8ae6-e5ee565cd118} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
O20 - AppInit_DLLs: c:\progra~2\zoomex\sprote~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RadeonPro Support Service - Mr. John aka japamd - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12387 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {5D6F0A7E-6D36-40E1-89DD-B1B11AB55BA9}
taskeng.exe {0BA70C64-ECD8-473E-9DD5-DC242551042A}
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe /schedule /profile "C:\ProgramData\Premium\ZoomEx\profile.ini"
C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
"C:\Program Files (x86)\Protected Search\ProtectedSearch.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-fb3b4847-cbad-410e-897d-6b3d40a731df -SystemEventPortName:HostProcess-69091c32-fba3-434f-bd35-e4ff0c98b979 -IoCancelEventPortName:HostProcess-a3abbbda-6eef-46a1-aeee-48ed5d90eefa -NonStateChangingEventPortName:HostProcess-5b02d432-ae61-4b67-b770-b6085477f6df -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:016881a2-0e15-41b3-ab28-993e21e256ab
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"D:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mumble\mumble.exe"
"D:\Games\World_of_Tanks\WorldOfTanks.exe" wot_wait_for_mutex
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4000.8914700.732905944 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 4000 "\\.\pipe\gecko-crash-server-pipe.4000" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --proxy-stub-channel=Flash1320.621F63D8.18414 --host-broker-channel=Flash1320.621F63D8.27235 --host-pid=1320 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --channel=2816.002EF5C0.592132412 --proxy-stub-channel=Flash1320.621F63D8.18414 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Zdenda\Downloads\Extras.Txt
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Zdenda\Downloads\OTL.Txt
"C:\ProgramData\Premium\ZoomEx\ZoomEx.exe" /profile "C:\ProgramData\Premium\ZoomEx\profile.ini"
"C:\Users\Zdenda\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AmiUpdXp.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ZoomExUpdaterTask{B41D989F-F197-4DE5-A5EB-5963A0D22A5C}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{031B4C0E-E357-91ED-FFFB-B328A08F972E}]
Zoomex - C:\ProgramData\Zoomex\51002736c099f.dll [2013-01-23 120832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9}]
Toolbar BHO - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll [2013-01-13 707728]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8d3ec233-b92d-4187-a506-284127cfba2d}]
DownTango Launcher - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll [2012-10-30 1030728]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b}]
Search Assistant BHO - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll [2013-01-13 62864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06 1308504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8d3ec233-b92d-4187-a506-284127cfba2d} - DownTango Launcher - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll [2012-10-30 1030728]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06 1308504]
{48586425-6bb7-4f51-8dc6-38c88e3ebb58} - VideoDownloadConverter - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll [2013-01-13 707728]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2012-03-20 1056320]
{95B7759C-8C7F-4BF1-B163-73684A933233}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-12-13 13263072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-03-05 507984]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
"VideoDownloadConverter Search Scope Monitor"=C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe [2013-01-13 42536]
"VideoDownloadConverter_4z Browser Plugin Loader"=C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe [2013-01-13 30096]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2013-03-05 1564368]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-16 641704]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2013-03-13 1151152]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-03-21 19:06:19 ----D---- C:\Users\Zdenda\AppData\Roaming\twinstar_launcher
2013-03-20 13:10:10 ----D---- C:\Windows\system32\SPReview
2013-03-20 13:08:50 ----D---- C:\Windows\system32\EventProviders
2013-03-16 19:11:10 ----D---- C:\Program Files (x86)\Portrait Professional 11 Trial
2013-03-14 15:25:07 ----D---- C:\Users\Zdenda\AppData\Roaming\VampireSaga
2013-03-13 16:05:10 ----D---- C:\ProgramData\AVG Secure Search
2013-03-13 16:04:53 ----A---- C:\Windows\system32\drivers\avgtpx64.sys
2013-03-13 16:04:47 ----D---- C:\Program Files (x86)\AVG Secure Search
2013-03-13 16:03:35 ----D---- C:\Program Files (x86)\TuneUp Utilities 2013
2013-03-13 16:03:01 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-03-13 16:02:03 ----D---- C:\ProgramData\AmUStor
2013-03-13 16:02:03 ----D---- C:\Program Files (x86)\AmIcoSingLun
2013-03-13 16:00:50 ----A---- C:\Windows\SYSWOW64\drivers\VMHybrid.sys
2013-03-13 16:00:50 ----A---- C:\Windows\SYSWOW64\drivers\VMHybr64.sys
2013-03-13 16:00:27 ----D---- C:\Users\Zdenda\AppData\Roaming\ATI
2013-03-13 16:00:27 ----D---- C:\ProgramData\ATI
2013-03-13 16:00:20 ----D---- C:\Program Files (x86)\AMD AVT
2013-03-13 16:00:16 ----D---- C:\Program Files (x86)\AMD APP
2013-03-13 16:00:10 ----D---- C:\Program Files\Common Files\ATI Technologies
2013-03-13 15:59:03 ----A---- C:\Windows\system32\RTNUninst64.dll
2013-03-13 15:59:03 ----A---- C:\Windows\system32\RtNicProp64.dll
2013-03-13 15:59:03 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2013-03-13 15:58:31 ----D---- C:\ProgramData\AMD
2013-03-13 15:58:27 ----A---- C:\Windows\system32\drivers\amdiox64.sys
2013-03-13 15:58:20 ----D---- C:\Program Files (x86)\ATI Technologies
2013-03-13 15:54:50 ----D---- C:\Windows\SYSWOW64\RTCOM
2013-03-13 15:54:26 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\WavesGUILib64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tosade.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tepeqapo64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tadefxapo264.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tadefxapo.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSWOW64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSTSX64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSTSH64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSHP64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFSS_APO.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFNHK64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFCOM64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFAPO64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtPgEx64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkCfg64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkAPO64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkApi64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEEP64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEEL64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEEG64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEED64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTCOM64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RP3DHT64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RP3DAA64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RCoInstII64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEP64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEL64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEG64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EED64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEA64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\KAAPORT64.dll
2013-03-13 15:54:24 ----D---- C:\Program Files (x86)\Realtek
2013-03-13 15:54:24 ----A---- C:\Windows\system32\FMAPO64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\AERTAR64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\AERTAC64.dll
2013-03-13 15:54:22 ----A---- C:\Windows\RtlExUpd.dll
2013-03-13 15:53:43 ----D---- C:\Program Files\Realtek
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RtkHDM64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEEP64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEEL64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEEG64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEED64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RHDMEx64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RHCoInst64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RH3DHT64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\drivers\RtHDMIVX.sys
2013-03-13 15:53:38 ----A---- C:\Windows\system32\RH3DAA64.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEP64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEL64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEG64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EED64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEA64H.dll
2013-03-13 15:53:37 ----HD---- C:\Program Files (x86)\Temp
2013-03-13 15:51:58 ----DC---- C:\Windows\system32\DRVSTORE
2013-03-13 15:51:58 ----A---- C:\Windows\system32\drivers\usbfilter.sys
2013-03-13 15:51:44 ----D---- C:\Program Files\ATI Technologies
2013-03-13 15:51:40 ----D---- C:\Program Files\ATI
2013-03-13 15:47:46 ----D---- C:\ProgramData\DriverGenius
2013-03-13 15:45:51 ----D---- C:\Program Files (x86)\Driver-Soft
2013-03-10 21:38:45 ----A---- C:\Windows\SYSWOW64\drivers\Vcs.sys
2013-03-08 09:28:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-03-07 19:57:22 ----D---- C:\Program Files\CCleaner
2013-03-07 19:55:04 ----D---- C:\Program Files\trend micro
2013-03-07 19:55:03 ----D---- C:\rsit
2013-03-07 19:54:34 ----D---- C:\Program Files (x86)\Google
2013-03-07 11:54:22 ----D---- C:\Users\Zdenda\AppData\Roaming\The Curse of the Werewolves
2013-03-06 20:26:53 ----D---- C:\Program Files (x86)\VideoLAN
2013-03-06 20:18:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-05 19:11:07 ----D---- C:\Users\Zdenda\AppData\Roaming\ICQ Search
2013-03-05 19:11:07 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2013-03-05 19:11:04 ----D---- C:\Program Files (x86)\Guard-ICQ
2013-03-05 19:11:02 ----D---- C:\ProgramData\ICQ
2013-03-05 19:08:03 ----D---- C:\Users\Zdenda\AppData\Roaming\BitTorrent
2013-03-05 18:59:57 ----D---- C:\ProgramData\PMB Files
2013-03-05 18:59:51 ----D---- C:\Program Files (x86)\Pando Networks
2013-03-05 12:33:31 ----D---- C:\Users\Zdenda\AppData\Roaming\AlawarEntertainment
2013-03-02 12:40:20 ----D---- C:\Windows\Minidump
======List of files/folders modified in the last 1 months======
2013-03-26 20:04:52 ----D---- C:\Windows\Temp
2013-03-26 20:03:01 ----D---- C:\Users\Zdenda\AppData\Roaming\Mumble
2013-03-26 19:39:55 ----D---- C:\Users\Zdenda\AppData\Roaming\Skype
2013-03-26 19:37:54 ----D---- C:\Windows\system32\config
2013-03-26 19:30:36 ----RSD---- C:\Windows\assembly
2013-03-26 19:30:36 ----D---- C:\Windows\Microsoft.NET
2013-03-26 19:29:54 ----D---- C:\Windows\System32
2013-03-26 19:29:54 ----D---- C:\Windows\inf
2013-03-26 19:29:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-26 19:29:21 ----D---- C:\Windows
2013-03-26 19:23:18 ----D---- C:\Windows\Tasks
2013-03-26 19:23:18 ----D---- C:\Windows\system32\wfp
2013-03-26 19:23:18 ----D---- C:\Windows\system32\drivers\UMDF
2013-03-26 19:23:17 ----D---- C:\Windows\system32\wbem
2013-03-26 19:22:30 ----D---- C:\Windows\system32\DriverStore
2013-03-26 19:22:30 ----D---- C:\Windows\system32\catroot2
2013-03-26 19:22:23 ----D---- C:\Windows\system32\CodeIntegrity
2013-03-26 19:22:22 ----SHD---- C:\Windows\Installer
2013-03-26 19:22:19 ----D---- C:\ProgramData\McAfee Security Scan
2013-03-26 19:22:19 ----D---- C:\Program Files (x86)\DaemonicMU Season V
2013-03-26 19:22:12 ----D---- C:\Windows\registration
2013-03-26 19:21:48 ----D---- C:\ProgramData\TuneUp Software
2013-03-26 19:20:14 ----SHD---- C:\System Volume Information
2013-03-20 20:52:48 ----D---- C:\Windows\SysWOW64
2013-03-20 20:52:48 ----D---- C:\Windows\system32\Tasks
2013-03-20 20:42:43 ----D---- C:\Windows\winsxs
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Sidebar
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Portable Devices
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Media Player
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Mail
2013-03-20 20:35:04 ----D---- C:\Program Files\Windows Sidebar
2013-03-20 20:35:04 ----D---- C:\Program Files\Windows Portable Devices
2013-03-20 20:35:04 ----D---- C:\Program Files\Windows Mail
2013-03-20 20:35:04 ----D---- C:\Program Files\DVD Maker
2013-03-20 20:35:03 ----D---- C:\Program Files\Windows Photo Viewer
2013-03-20 20:35:03 ----D---- C:\Program Files\Windows Media Player
2013-03-20 20:35:03 ----D---- C:\Program Files\Windows Journal
2013-03-20 20:35:02 ----D---- C:\Program Files\Common Files\System
2013-03-20 20:35:01 ----D---- C:\Program Files\Windows Defender
2013-03-20 20:35:00 ----D---- C:\Windows\servicing
2013-03-20 20:35:00 ----D---- C:\Windows\ehome
2013-03-20 20:34:52 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2013-03-20 20:34:52 ----D---- C:\Windows\SYSWOW64\da-DK
2013-03-20 20:34:51 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-03-20 20:34:50 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-20 20:34:49 ----D---- C:\Windows\SYSWOW64\oobe
2013-03-20 20:34:49 ----D---- C:\Windows\SYSWOW64\migration
2013-03-20 20:34:48 ----D---- C:\Windows\SYSWOW64\Setup
2013-03-20 20:34:48 ----D---- C:\Windows\SYSWOW64\cs
2013-03-20 20:34:48 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2013-03-20 20:34:47 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-20 20:34:45 ----D---- C:\Windows\SYSWOW64\sppui
2013-03-20 20:34:45 ----D---- C:\Windows\SYSWOW64\manifeststore
2013-03-20 20:34:45 ----D---- C:\Windows\SYSWOW64\es-ES
2013-03-20 20:34:45 ----D---- C:\Windows\SYSWOW64\en
2013-03-20 20:34:44 ----D---- C:\Windows\SYSWOW64\wbem
2013-03-20 20:34:43 ----D---- C:\Windows\SYSWOW64\migwiz
2013-03-20 20:34:42 ----D---- C:\Windows\SYSWOW64\Dism
2013-03-20 20:34:09 ----D---- C:\Windows\system32\da-DK
2013-03-20 20:34:09 ----D---- C:\Windows\PolicyDefinitions
2013-03-20 20:34:08 ----D---- C:\Windows\system32\sk-SK
2013-03-20 20:34:06 ----D---- C:\Windows\system32\en-US
2013-03-20 20:34:03 ----D---- C:\Windows\system32\oobe
2013-03-20 20:34:02 ----D---- C:\Windows\system32\migration
2013-03-20 20:34:02 ----D---- C:\Windows\system32\AdvancedInstallers
2013-03-20 20:34:01 ----D---- C:\Windows\system32\Setup
2013-03-20 20:34:01 ----D---- C:\Windows\system32\cs
2013-03-20 20:33:59 ----D---- C:\Windows\system32\cs-CZ
2013-03-20 20:33:56 ----D---- C:\Windows\system32\sppui
2013-03-20 20:33:56 ----D---- C:\Windows\system32\manifeststore
2013-03-20 20:33:56 ----D---- C:\Windows\system32\es-ES
2013-03-20 20:33:55 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-03-20 20:33:54 ----D---- C:\Windows\system32\drivers\en-US
2013-03-20 20:33:54 ----D---- C:\Windows\system32\drivers
2013-03-20 20:33:51 ----D---- C:\Windows\system32\migwiz
2013-03-20 20:33:51 ----D---- C:\Windows\system32\Dism
2013-03-20 20:32:58 ----RSD---- C:\Windows\Fonts
2013-03-20 20:32:57 ----D---- C:\Windows\AppPatch
2013-03-20 20:32:34 ----D---- C:\Windows\system32\Boot
2013-03-20 13:18:36 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2013-03-20 13:18:36 ----A---- C:\Windows\system32\msclmd.dll
2013-03-19 21:21:14 ----D---- C:\Windows\Prefetch
2013-03-19 20:55:39 ----D---- C:\Windows\SoftwareDistribution
2013-03-17 09:22:47 ----D---- C:\ProgramData\AlawarWrapper
2013-03-16 19:11:10 ----RD---- C:\Program Files (x86)
2013-03-13 17:58:32 ----D---- C:\Program Files (x86)\Hry.cz
2013-03-13 16:05:10 ----HD---- C:\ProgramData
2013-03-13 16:04:48 ----D---- C:\Program Files (x86)\Common Files
2013-03-13 16:02:11 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-13 16:02:06 ----D---- C:\Windows\system32\catroot
2013-03-13 16:00:50 ----D---- C:\Windows\SYSWOW64\drivers
2013-03-13 16:00:10 ----D---- C:\Program Files\Common Files
2013-03-13 15:53:43 ----RD---- C:\Program Files
2013-03-12 15:40:15 ----SD---- C:\Users\Zdenda\AppData\Roaming\Microsoft
2013-03-08 15:16:12 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-07 20:00:08 ----D---- C:\Users\Zdenda\AppData\Roaming\Ventrilo
2013-03-07 20:00:08 ----D---- C:\Users\Zdenda\AppData\Roaming\DAEMON Tools Lite
2013-03-07 19:59:51 ----D---- C:\Windows\Panther
2013-03-07 19:59:46 ----D---- C:\Windows\Logs
2013-03-07 19:59:46 ----D---- C:\Windows\debug
2013-03-05 22:15:20 ----D---- C:\Users\Zdenda\AppData\Roaming\TS3Client
2013-03-05 20:22:08 ----D---- C:\ProgramData\Adobe
2013-03-05 19:11:12 ----D---- C:\ProgramData\Zoomex
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-03-13 39768]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-23 283200]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 359936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-12-26 3269088]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2012-06-05 237968]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-12-27 805088]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
S2 Vcs;Vcs support; \??\C:\Windows\system32\Drivers\Vcs.sys []
S3 3xHybr64;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybr64.sys [2007-04-20 873216]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
S3 netr28ux;Belkin USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2008-10-29 811008]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 238080]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-16 361984]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2013-03-05 1564368]
R2 ICQ Service;ICQ Service; C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE [2012-03-20 247872]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-01-23 76888]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 VideoDownloadConverter_4zService;VideoDownloadConverterService; C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe [2013-01-13 42504]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-03-13 968880]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-07 136176]
S2 RadeonPro Support Service;RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [2013-01-08 20608]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-07 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by Zdenda at 2013-03-26 20:04:47
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 327 GB (65%) free of 500 GB
Total RAM: 4095 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:04:57, on 26.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
D:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\Mumble\mumble.exe
D:\Games\World_of_Tanks\WorldOfTanks.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe
C:\Program Files\trend micro\Zdenda.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchab.com/?aff=7&uid=74f818f8 ... 242157054f
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: Zoomex - {031B4C0E-E357-91ED-FFFB-B328A08F972E} - C:\ProgramData\Zoomex\51002736c099f.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll
O2 - BHO: DownTango Launcher - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: DownTango Launcher - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O9 - Extra button: (no name) - {5f7f7e76-0f61-4de9-8ae6-e5ee565cd118} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
O20 - AppInit_DLLs: c:\progra~2\zoomex\sprote~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RadeonPro Support Service - Mr. John aka japamd - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12387 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {5D6F0A7E-6D36-40E1-89DD-B1B11AB55BA9}
taskeng.exe {0BA70C64-ECD8-473E-9DD5-DC242551042A}
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe /schedule /profile "C:\ProgramData\Premium\ZoomEx\profile.ini"
C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
"C:\Program Files (x86)\Protected Search\ProtectedSearch.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-fb3b4847-cbad-410e-897d-6b3d40a731df -SystemEventPortName:HostProcess-69091c32-fba3-434f-bd35-e4ff0c98b979 -IoCancelEventPortName:HostProcess-a3abbbda-6eef-46a1-aeee-48ed5d90eefa -NonStateChangingEventPortName:HostProcess-5b02d432-ae61-4b67-b770-b6085477f6df -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:016881a2-0e15-41b3-ab28-993e21e256ab
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"D:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mumble\mumble.exe"
"D:\Games\World_of_Tanks\WorldOfTanks.exe" wot_wait_for_mutex
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4000.8914700.732905944 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 4000 "\\.\pipe\gecko-crash-server-pipe.4000" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --proxy-stub-channel=Flash1320.621F63D8.18414 --host-broker-channel=Flash1320.621F63D8.27235 --host-pid=1320 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --channel=2816.002EF5C0.592132412 --proxy-stub-channel=Flash1320.621F63D8.18414 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Zdenda\Downloads\Extras.Txt
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Zdenda\Downloads\OTL.Txt
"C:\ProgramData\Premium\ZoomEx\ZoomEx.exe" /profile "C:\ProgramData\Premium\ZoomEx\profile.ini"
"C:\Users\Zdenda\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AmiUpdXp.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ZoomExUpdaterTask{B41D989F-F197-4DE5-A5EB-5963A0D22A5C}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{031B4C0E-E357-91ED-FFFB-B328A08F972E}]
Zoomex - C:\ProgramData\Zoomex\51002736c099f.dll [2013-01-23 120832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9}]
Toolbar BHO - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll [2013-01-13 707728]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8d3ec233-b92d-4187-a506-284127cfba2d}]
DownTango Launcher - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll [2012-10-30 1030728]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b}]
Search Assistant BHO - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll [2013-01-13 62864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06 1308504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8d3ec233-b92d-4187-a506-284127cfba2d} - DownTango Launcher - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll [2012-10-30 1030728]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06 1308504]
{48586425-6bb7-4f51-8dc6-38c88e3ebb58} - VideoDownloadConverter - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll [2013-01-13 707728]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2012-03-20 1056320]
{95B7759C-8C7F-4BF1-B163-73684A933233}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-12-13 13263072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-03-05 507984]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
"VideoDownloadConverter Search Scope Monitor"=C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe [2013-01-13 42536]
"VideoDownloadConverter_4z Browser Plugin Loader"=C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe [2013-01-13 30096]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2013-03-05 1564368]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-16 641704]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2013-03-13 1151152]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-03-21 19:06:19 ----D---- C:\Users\Zdenda\AppData\Roaming\twinstar_launcher
2013-03-20 13:10:10 ----D---- C:\Windows\system32\SPReview
2013-03-20 13:08:50 ----D---- C:\Windows\system32\EventProviders
2013-03-16 19:11:10 ----D---- C:\Program Files (x86)\Portrait Professional 11 Trial
2013-03-14 15:25:07 ----D---- C:\Users\Zdenda\AppData\Roaming\VampireSaga
2013-03-13 16:05:10 ----D---- C:\ProgramData\AVG Secure Search
2013-03-13 16:04:53 ----A---- C:\Windows\system32\drivers\avgtpx64.sys
2013-03-13 16:04:47 ----D---- C:\Program Files (x86)\AVG Secure Search
2013-03-13 16:03:35 ----D---- C:\Program Files (x86)\TuneUp Utilities 2013
2013-03-13 16:03:01 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-03-13 16:02:03 ----D---- C:\ProgramData\AmUStor
2013-03-13 16:02:03 ----D---- C:\Program Files (x86)\AmIcoSingLun
2013-03-13 16:00:50 ----A---- C:\Windows\SYSWOW64\drivers\VMHybrid.sys
2013-03-13 16:00:50 ----A---- C:\Windows\SYSWOW64\drivers\VMHybr64.sys
2013-03-13 16:00:27 ----D---- C:\Users\Zdenda\AppData\Roaming\ATI
2013-03-13 16:00:27 ----D---- C:\ProgramData\ATI
2013-03-13 16:00:20 ----D---- C:\Program Files (x86)\AMD AVT
2013-03-13 16:00:16 ----D---- C:\Program Files (x86)\AMD APP
2013-03-13 16:00:10 ----D---- C:\Program Files\Common Files\ATI Technologies
2013-03-13 15:59:03 ----A---- C:\Windows\system32\RTNUninst64.dll
2013-03-13 15:59:03 ----A---- C:\Windows\system32\RtNicProp64.dll
2013-03-13 15:59:03 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2013-03-13 15:58:31 ----D---- C:\ProgramData\AMD
2013-03-13 15:58:27 ----A---- C:\Windows\system32\drivers\amdiox64.sys
2013-03-13 15:58:20 ----D---- C:\Program Files (x86)\ATI Technologies
2013-03-13 15:54:50 ----D---- C:\Windows\SYSWOW64\RTCOM
2013-03-13 15:54:26 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\WavesGUILib64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tosade.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tepeqapo64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tadefxapo264.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tadefxapo.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSWOW64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSTSX64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSTSH64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSHP64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFSS_APO.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFNHK64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFCOM64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFAPO64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtPgEx64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkCfg64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkAPO64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkApi64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEEP64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEEL64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEEG64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEED64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTCOM64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RP3DHT64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RP3DAA64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RCoInstII64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEP64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEL64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEG64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EED64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEA64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\KAAPORT64.dll
2013-03-13 15:54:24 ----D---- C:\Program Files (x86)\Realtek
2013-03-13 15:54:24 ----A---- C:\Windows\system32\FMAPO64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\AERTAR64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\AERTAC64.dll
2013-03-13 15:54:22 ----A---- C:\Windows\RtlExUpd.dll
2013-03-13 15:53:43 ----D---- C:\Program Files\Realtek
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RtkHDM64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEEP64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEEL64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEEG64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEED64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RHDMEx64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RHCoInst64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RH3DHT64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\drivers\RtHDMIVX.sys
2013-03-13 15:53:38 ----A---- C:\Windows\system32\RH3DAA64.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEP64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEL64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEG64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EED64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEA64H.dll
2013-03-13 15:53:37 ----HD---- C:\Program Files (x86)\Temp
2013-03-13 15:51:58 ----DC---- C:\Windows\system32\DRVSTORE
2013-03-13 15:51:58 ----A---- C:\Windows\system32\drivers\usbfilter.sys
2013-03-13 15:51:44 ----D---- C:\Program Files\ATI Technologies
2013-03-13 15:51:40 ----D---- C:\Program Files\ATI
2013-03-13 15:47:46 ----D---- C:\ProgramData\DriverGenius
2013-03-13 15:45:51 ----D---- C:\Program Files (x86)\Driver-Soft
2013-03-10 21:38:45 ----A---- C:\Windows\SYSWOW64\drivers\Vcs.sys
2013-03-08 09:28:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-03-07 19:57:22 ----D---- C:\Program Files\CCleaner
2013-03-07 19:55:04 ----D---- C:\Program Files\trend micro
2013-03-07 19:55:03 ----D---- C:\rsit
2013-03-07 19:54:34 ----D---- C:\Program Files (x86)\Google
2013-03-07 11:54:22 ----D---- C:\Users\Zdenda\AppData\Roaming\The Curse of the Werewolves
2013-03-06 20:26:53 ----D---- C:\Program Files (x86)\VideoLAN
2013-03-06 20:18:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-05 19:11:07 ----D---- C:\Users\Zdenda\AppData\Roaming\ICQ Search
2013-03-05 19:11:07 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2013-03-05 19:11:04 ----D---- C:\Program Files (x86)\Guard-ICQ
2013-03-05 19:11:02 ----D---- C:\ProgramData\ICQ
2013-03-05 19:08:03 ----D---- C:\Users\Zdenda\AppData\Roaming\BitTorrent
2013-03-05 18:59:57 ----D---- C:\ProgramData\PMB Files
2013-03-05 18:59:51 ----D---- C:\Program Files (x86)\Pando Networks
2013-03-05 12:33:31 ----D---- C:\Users\Zdenda\AppData\Roaming\AlawarEntertainment
2013-03-02 12:40:20 ----D---- C:\Windows\Minidump
======List of files/folders modified in the last 1 months======
2013-03-26 20:04:52 ----D---- C:\Windows\Temp
2013-03-26 20:03:01 ----D---- C:\Users\Zdenda\AppData\Roaming\Mumble
2013-03-26 19:39:55 ----D---- C:\Users\Zdenda\AppData\Roaming\Skype
2013-03-26 19:37:54 ----D---- C:\Windows\system32\config
2013-03-26 19:30:36 ----RSD---- C:\Windows\assembly
2013-03-26 19:30:36 ----D---- C:\Windows\Microsoft.NET
2013-03-26 19:29:54 ----D---- C:\Windows\System32
2013-03-26 19:29:54 ----D---- C:\Windows\inf
2013-03-26 19:29:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-26 19:29:21 ----D---- C:\Windows
2013-03-26 19:23:18 ----D---- C:\Windows\Tasks
2013-03-26 19:23:18 ----D---- C:\Windows\system32\wfp
2013-03-26 19:23:18 ----D---- C:\Windows\system32\drivers\UMDF
2013-03-26 19:23:17 ----D---- C:\Windows\system32\wbem
2013-03-26 19:22:30 ----D---- C:\Windows\system32\DriverStore
2013-03-26 19:22:30 ----D---- C:\Windows\system32\catroot2
2013-03-26 19:22:23 ----D---- C:\Windows\system32\CodeIntegrity
2013-03-26 19:22:22 ----SHD---- C:\Windows\Installer
2013-03-26 19:22:19 ----D---- C:\ProgramData\McAfee Security Scan
2013-03-26 19:22:19 ----D---- C:\Program Files (x86)\DaemonicMU Season V
2013-03-26 19:22:12 ----D---- C:\Windows\registration
2013-03-26 19:21:48 ----D---- C:\ProgramData\TuneUp Software
2013-03-26 19:20:14 ----SHD---- C:\System Volume Information
2013-03-20 20:52:48 ----D---- C:\Windows\SysWOW64
2013-03-20 20:52:48 ----D---- C:\Windows\system32\Tasks
2013-03-20 20:42:43 ----D---- C:\Windows\winsxs
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Sidebar
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Portable Devices
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Media Player
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Mail
2013-03-20 20:35:04 ----D---- C:\Program Files\Windows Sidebar
2013-03-20 20:35:04 ----D---- C:\Program Files\Windows Portable Devices
2013-03-20 20:35:04 ----D---- C:\Program Files\Windows Mail
2013-03-20 20:35:04 ----D---- C:\Program Files\DVD Maker
2013-03-20 20:35:03 ----D---- C:\Program Files\Windows Photo Viewer
2013-03-20 20:35:03 ----D---- C:\Program Files\Windows Media Player
2013-03-20 20:35:03 ----D---- C:\Program Files\Windows Journal
2013-03-20 20:35:02 ----D---- C:\Program Files\Common Files\System
2013-03-20 20:35:01 ----D---- C:\Program Files\Windows Defender
2013-03-20 20:35:00 ----D---- C:\Windows\servicing
2013-03-20 20:35:00 ----D---- C:\Windows\ehome
2013-03-20 20:34:52 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2013-03-20 20:34:52 ----D---- C:\Windows\SYSWOW64\da-DK
2013-03-20 20:34:51 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-03-20 20:34:50 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-20 20:34:49 ----D---- C:\Windows\SYSWOW64\oobe
2013-03-20 20:34:49 ----D---- C:\Windows\SYSWOW64\migration
2013-03-20 20:34:48 ----D---- C:\Windows\SYSWOW64\Setup
2013-03-20 20:34:48 ----D---- C:\Windows\SYSWOW64\cs
2013-03-20 20:34:48 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2013-03-20 20:34:47 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-20 20:34:45 ----D---- C:\Windows\SYSWOW64\sppui
2013-03-20 20:34:45 ----D---- C:\Windows\SYSWOW64\manifeststore
2013-03-20 20:34:45 ----D---- C:\Windows\SYSWOW64\es-ES
2013-03-20 20:34:45 ----D---- C:\Windows\SYSWOW64\en
2013-03-20 20:34:44 ----D---- C:\Windows\SYSWOW64\wbem
2013-03-20 20:34:43 ----D---- C:\Windows\SYSWOW64\migwiz
2013-03-20 20:34:42 ----D---- C:\Windows\SYSWOW64\Dism
2013-03-20 20:34:09 ----D---- C:\Windows\system32\da-DK
2013-03-20 20:34:09 ----D---- C:\Windows\PolicyDefinitions
2013-03-20 20:34:08 ----D---- C:\Windows\system32\sk-SK
2013-03-20 20:34:06 ----D---- C:\Windows\system32\en-US
2013-03-20 20:34:03 ----D---- C:\Windows\system32\oobe
2013-03-20 20:34:02 ----D---- C:\Windows\system32\migration
2013-03-20 20:34:02 ----D---- C:\Windows\system32\AdvancedInstallers
2013-03-20 20:34:01 ----D---- C:\Windows\system32\Setup
2013-03-20 20:34:01 ----D---- C:\Windows\system32\cs
2013-03-20 20:33:59 ----D---- C:\Windows\system32\cs-CZ
2013-03-20 20:33:56 ----D---- C:\Windows\system32\sppui
2013-03-20 20:33:56 ----D---- C:\Windows\system32\manifeststore
2013-03-20 20:33:56 ----D---- C:\Windows\system32\es-ES
2013-03-20 20:33:55 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-03-20 20:33:54 ----D---- C:\Windows\system32\drivers\en-US
2013-03-20 20:33:54 ----D---- C:\Windows\system32\drivers
2013-03-20 20:33:51 ----D---- C:\Windows\system32\migwiz
2013-03-20 20:33:51 ----D---- C:\Windows\system32\Dism
2013-03-20 20:32:58 ----RSD---- C:\Windows\Fonts
2013-03-20 20:32:57 ----D---- C:\Windows\AppPatch
2013-03-20 20:32:34 ----D---- C:\Windows\system32\Boot
2013-03-20 13:18:36 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2013-03-20 13:18:36 ----A---- C:\Windows\system32\msclmd.dll
2013-03-19 21:21:14 ----D---- C:\Windows\Prefetch
2013-03-19 20:55:39 ----D---- C:\Windows\SoftwareDistribution
2013-03-17 09:22:47 ----D---- C:\ProgramData\AlawarWrapper
2013-03-16 19:11:10 ----RD---- C:\Program Files (x86)
2013-03-13 17:58:32 ----D---- C:\Program Files (x86)\Hry.cz
2013-03-13 16:05:10 ----HD---- C:\ProgramData
2013-03-13 16:04:48 ----D---- C:\Program Files (x86)\Common Files
2013-03-13 16:02:11 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-13 16:02:06 ----D---- C:\Windows\system32\catroot
2013-03-13 16:00:50 ----D---- C:\Windows\SYSWOW64\drivers
2013-03-13 16:00:10 ----D---- C:\Program Files\Common Files
2013-03-13 15:53:43 ----RD---- C:\Program Files
2013-03-12 15:40:15 ----SD---- C:\Users\Zdenda\AppData\Roaming\Microsoft
2013-03-08 15:16:12 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-07 20:00:08 ----D---- C:\Users\Zdenda\AppData\Roaming\Ventrilo
2013-03-07 20:00:08 ----D---- C:\Users\Zdenda\AppData\Roaming\DAEMON Tools Lite
2013-03-07 19:59:51 ----D---- C:\Windows\Panther
2013-03-07 19:59:46 ----D---- C:\Windows\Logs
2013-03-07 19:59:46 ----D---- C:\Windows\debug
2013-03-05 22:15:20 ----D---- C:\Users\Zdenda\AppData\Roaming\TS3Client
2013-03-05 20:22:08 ----D---- C:\ProgramData\Adobe
2013-03-05 19:11:12 ----D---- C:\ProgramData\Zoomex
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-03-13 39768]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-23 283200]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 359936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-12-26 3269088]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2012-06-05 237968]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-12-27 805088]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
S2 Vcs;Vcs support; \??\C:\Windows\system32\Drivers\Vcs.sys []
S3 3xHybr64;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybr64.sys [2007-04-20 873216]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
S3 netr28ux;Belkin USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2008-10-29 811008]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 238080]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-16 361984]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2013-03-05 1564368]
R2 ICQ Service;ICQ Service; C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE [2012-03-20 247872]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-01-23 76888]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 VideoDownloadConverter_4zService;VideoDownloadConverterService; C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe [2013-01-13 42504]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-03-13 968880]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-07 136176]
S2 RadeonPro Support Service;RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [2013-01-08 20608]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-07 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Re: dost se mi to spomalilo
Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze 
Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
zdeny.m
- Návštěvník
- Příspěvky: 74
- Registrován: 29 lis 2004 18:54
- Bydliště: Holýšov
- Kontaktovat uživatele:
Re: dost se mi to spomalilo
tak windows nevim PC sem takhle dostal a na tady na foru je to tatiho ucet
zasilam LOG
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org
Verze: v2013.03.27.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Zdenda :: ZDENDAPC [administrátor]
Ochrana: Povolena
27.3.2013 16:12:14
MBAM-log-2013-03-27 (18-41-54).txt
Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 372962
Uplynulý čas: 44 minut, 16 sekund
Nalezené procesy v paměti: 1
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe (Trojan.Startpage) -> 1876 -> Nebyla provedena žádná instrukce.
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 6
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd.1 (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 9
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com/) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Špatný: (http://searchab.com/?aff=7&uid=74f818f8 ... 242157054f) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com/) -> Nebyla provedena žádná instrukce.
Nalezené složky: 1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search (PUP.ProtectedSearch) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 7
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe (Trojan.Startpage) -> Nebyla provedena žádná instrukce.
C:\Users\Zdenda\AppData\Local\SwvUpdater\Updater.exe (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\rzr-cod4.exe (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.
C:\Users\Zdenda\Downloads\installer_ext2_file_system_driver_for_windows.exe (PUP.BundleInstaller.BEN) -> Nebyla provedena žádná instrukce.
C:\Users\Zdenda\Downloads\Call of duty 4 [PC-DVD] [English]\crack\rzr-cod4.exe (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search\Protected Search Settings.lnk (PUP.ProtectedSearch) -> Nebyla provedena žádná instrukce.
(konec)
zasilam LOG
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org
Verze: v2013.03.27.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Zdenda :: ZDENDAPC [administrátor]
Ochrana: Povolena
27.3.2013 16:12:14
MBAM-log-2013-03-27 (18-41-54).txt
Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 372962
Uplynulý čas: 44 minut, 16 sekund
Nalezené procesy v paměti: 1
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe (Trojan.Startpage) -> 1876 -> Nebyla provedena žádná instrukce.
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 6
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd.1 (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 9
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com/) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Špatný: (http://searchab.com/?aff=7&uid=74f818f8 ... 242157054f) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com/) -> Nebyla provedena žádná instrukce.
Nalezené složky: 1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search (PUP.ProtectedSearch) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 7
C:\ProgramData\Premium\ZoomEx\ZoomEx.exe (Trojan.Startpage) -> Nebyla provedena žádná instrukce.
C:\Users\Zdenda\AppData\Local\SwvUpdater\Updater.exe (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\rzr-cod4.exe (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.
C:\Users\Zdenda\Downloads\installer_ext2_file_system_driver_for_windows.exe (PUP.BundleInstaller.BEN) -> Nebyla provedena žádná instrukce.
C:\Users\Zdenda\Downloads\Call of duty 4 [PC-DVD] [English]\crack\rzr-cod4.exe (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search\Protected Search Settings.lnk (PUP.ProtectedSearch) -> Nebyla provedena žádná instrukce.
(konec)
Re: dost se mi to spomalilo
Nalezy MBAM nechte odstranit. Nainstalujte Service Pack 1 Pak dejte novy log z RSITPokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
zdeny.m
- Návštěvník
- Příspěvky: 74
- Registrován: 29 lis 2004 18:54
- Bydliště: Holýšov
- Kontaktovat uživatele:
Re: dost se mi to spomalilo
SP1 je jiz nainstalovany...
LOG
Logfile of random's system information tool 1.08 (written by random/random)
Run by Zdenda at 2013-03-27 20:11:11
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 323 GB (65%) free of 500 GB
Total RAM: 4095 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:11:15, on 27.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
D:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mumble\mumble.exe
C:\Program Files (x86)\Mumble\dbus-daemon.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Program Files\trend micro\Zdenda.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: Zoomex - {031B4C0E-E357-91ED-FFFB-B328A08F972E} - C:\ProgramData\Zoomex\51002736c099f.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll
O2 - BHO: DownTango Launcher - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: DownTango Launcher - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O9 - Extra button: (no name) - {5f7f7e76-0f61-4de9-8ae6-e5ee565cd118} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
O20 - AppInit_DLLs: c:\progra~2\zoomex\sprote~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RadeonPro Support Service - Mr. John aka japamd - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11596 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
taskeng.exe {AA790837-79F8-4B56-9AA1-1EA1B17D42B2}
"C:\Program Files (x86)\Protected Search\ProtectedSearch.exe"
C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4765bc04-7a79-4112-99d1-ea68caad8282 -SystemEventPortName:HostProcess-7304a5f1-b06b-4779-8b94-7721c087c350 -IoCancelEventPortName:HostProcess-fc98c904-1a50-4735-a939-899ff356e2fa -NonStateChangingEventPortName:HostProcess-6111f1fc-b9bf-48df-9cf2-47be5ac375bd -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:abad1585-9661-4b34-8502-6c809f4a4b6c
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
"C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"D:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mumble\mumble.exe"
"C:\Program Files (x86)\Mumble\dbus-daemon.exe" --session
\??\C:\Windows\system32\conhost.exe "-1708207495-187605055486082196154999736620531225341612037609543195009-1620059290
C:\Windows\SysWOW64\DllHost.exe /Processid:{3F6B5E16-092A-41ED-930B-0B4125D91D4E}
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2176.ff68d00.1963312740 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 2176 "\\.\pipe\gecko-crash-server-pipe.2176" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --proxy-stub-channel=Flash4652.67B163D8.8989 --host-broker-channel=Flash4652.67B163D8.15174 --host-pid=4652 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --channel=4932.0062F5B0.1903089019 --proxy-stub-channel=Flash4652.67B163D8.8989 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" --host-npapi-version=27 --type=renderer
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Zdenda\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ZoomExUpdaterTask{B41D989F-F197-4DE5-A5EB-5963A0D22A5C}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{031B4C0E-E357-91ED-FFFB-B328A08F972E}]
Zoomex - C:\ProgramData\Zoomex\51002736c099f.dll [2013-01-23 120832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9}]
Toolbar BHO - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll [2013-01-13 707728]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8d3ec233-b92d-4187-a506-284127cfba2d}]
DownTango Launcher - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll [2012-10-30 1030728]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b}]
Search Assistant BHO - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll [2013-01-13 62864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06 1308504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8d3ec233-b92d-4187-a506-284127cfba2d} - DownTango Launcher - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll [2012-10-30 1030728]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06 1308504]
{48586425-6bb7-4f51-8dc6-38c88e3ebb58} - VideoDownloadConverter - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll [2013-01-13 707728]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2012-03-20 1056320]
{95B7759C-8C7F-4BF1-B163-73684A933233}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-12-13 13263072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-03-05 507984]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
"VideoDownloadConverter Search Scope Monitor"=C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe [2013-01-13 42536]
"VideoDownloadConverter_4z Browser Plugin Loader"=C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe [2013-01-13 30096]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2013-03-05 1564368]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-16 641704]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2013-03-13 1151152]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-03-27 16:11:15 ----D---- C:\Users\Zdenda\AppData\Roaming\Malwarebytes
2013-03-27 16:10:57 ----D---- C:\ProgramData\Malwarebytes
2013-03-27 16:10:52 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-27 16:10:52 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-03-27 16:06:58 ----D---- C:\Program Files (x86)\ESET
2013-03-21 19:06:19 ----D---- C:\Users\Zdenda\AppData\Roaming\twinstar_launcher
2013-03-20 13:10:10 ----D---- C:\Windows\system32\SPReview
2013-03-20 13:08:50 ----D---- C:\Windows\system32\EventProviders
2013-03-16 19:11:10 ----D---- C:\Program Files (x86)\Portrait Professional 11 Trial
2013-03-14 15:25:07 ----D---- C:\Users\Zdenda\AppData\Roaming\VampireSaga
2013-03-13 16:05:10 ----D---- C:\ProgramData\AVG Secure Search
2013-03-13 16:04:53 ----A---- C:\Windows\system32\drivers\avgtpx64.sys
2013-03-13 16:04:47 ----D---- C:\Program Files (x86)\AVG Secure Search
2013-03-13 16:03:35 ----D---- C:\Program Files (x86)\TuneUp Utilities 2013
2013-03-13 16:03:01 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-03-13 16:02:03 ----D---- C:\ProgramData\AmUStor
2013-03-13 16:02:03 ----D---- C:\Program Files (x86)\AmIcoSingLun
2013-03-13 16:00:50 ----A---- C:\Windows\SYSWOW64\drivers\VMHybrid.sys
2013-03-13 16:00:50 ----A---- C:\Windows\SYSWOW64\drivers\VMHybr64.sys
2013-03-13 16:00:27 ----D---- C:\Users\Zdenda\AppData\Roaming\ATI
2013-03-13 16:00:27 ----D---- C:\ProgramData\ATI
2013-03-13 16:00:20 ----D---- C:\Program Files (x86)\AMD AVT
2013-03-13 16:00:16 ----D---- C:\Program Files (x86)\AMD APP
2013-03-13 16:00:10 ----D---- C:\Program Files\Common Files\ATI Technologies
2013-03-13 15:59:03 ----A---- C:\Windows\system32\RTNUninst64.dll
2013-03-13 15:59:03 ----A---- C:\Windows\system32\RtNicProp64.dll
2013-03-13 15:59:03 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2013-03-13 15:58:31 ----D---- C:\ProgramData\AMD
2013-03-13 15:58:27 ----A---- C:\Windows\system32\drivers\amdiox64.sys
2013-03-13 15:58:20 ----D---- C:\Program Files (x86)\ATI Technologies
2013-03-13 15:54:50 ----D---- C:\Windows\SYSWOW64\RTCOM
2013-03-13 15:54:26 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\WavesGUILib64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tosade.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tepeqapo64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tadefxapo264.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tadefxapo.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSWOW64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSTSX64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSTSH64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSHP64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFSS_APO.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFNHK64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFCOM64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFAPO64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtPgEx64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkCfg64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkAPO64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkApi64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEEP64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEEL64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEEG64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEED64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTCOM64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RP3DHT64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RP3DAA64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RCoInstII64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEP64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEL64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEG64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EED64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEA64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\KAAPORT64.dll
2013-03-13 15:54:24 ----D---- C:\Program Files (x86)\Realtek
2013-03-13 15:54:24 ----A---- C:\Windows\system32\FMAPO64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\AERTAR64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\AERTAC64.dll
2013-03-13 15:54:22 ----A---- C:\Windows\RtlExUpd.dll
2013-03-13 15:53:43 ----D---- C:\Program Files\Realtek
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RtkHDM64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEEP64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEEL64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEEG64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEED64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RHDMEx64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RHCoInst64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RH3DHT64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\drivers\RtHDMIVX.sys
2013-03-13 15:53:38 ----A---- C:\Windows\system32\RH3DAA64.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEP64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEL64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEG64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EED64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEA64H.dll
2013-03-13 15:53:37 ----HD---- C:\Program Files (x86)\Temp
2013-03-13 15:51:58 ----DC---- C:\Windows\system32\DRVSTORE
2013-03-13 15:51:58 ----A---- C:\Windows\system32\drivers\usbfilter.sys
2013-03-13 15:51:44 ----D---- C:\Program Files\ATI Technologies
2013-03-13 15:51:40 ----D---- C:\Program Files\ATI
2013-03-13 15:47:46 ----D---- C:\ProgramData\DriverGenius
2013-03-13 15:45:51 ----D---- C:\Program Files (x86)\Driver-Soft
2013-03-10 21:38:45 ----A---- C:\Windows\SYSWOW64\drivers\Vcs.sys
2013-03-08 09:28:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-03-07 19:57:22 ----D---- C:\Program Files\CCleaner
2013-03-07 19:55:04 ----D---- C:\Program Files\trend micro
2013-03-07 19:55:03 ----D---- C:\rsit
2013-03-07 19:54:34 ----D---- C:\Program Files (x86)\Google
2013-03-07 11:54:22 ----D---- C:\Users\Zdenda\AppData\Roaming\The Curse of the Werewolves
2013-03-06 20:26:53 ----D---- C:\Program Files (x86)\VideoLAN
2013-03-06 20:18:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-05 19:11:07 ----D---- C:\Users\Zdenda\AppData\Roaming\ICQ Search
2013-03-05 19:11:07 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2013-03-05 19:11:04 ----D---- C:\Program Files (x86)\Guard-ICQ
2013-03-05 19:11:02 ----D---- C:\ProgramData\ICQ
2013-03-05 19:08:03 ----D---- C:\Users\Zdenda\AppData\Roaming\BitTorrent
2013-03-05 18:59:57 ----D---- C:\ProgramData\PMB Files
2013-03-05 18:59:51 ----D---- C:\Program Files (x86)\Pando Networks
2013-03-05 12:33:31 ----D---- C:\Users\Zdenda\AppData\Roaming\AlawarEntertainment
2013-03-02 12:40:20 ----D---- C:\Windows\Minidump
======List of files/folders modified in the last 1 months======
2013-03-27 20:11:14 ----D---- C:\Windows\Temp
2013-03-27 20:09:17 ----D---- C:\Users\Zdenda\AppData\Roaming\Mumble
2013-03-27 20:09:12 ----D---- C:\Windows\system32\config
2013-03-27 20:01:13 ----D---- C:\Windows\System32
2013-03-27 20:01:13 ----D---- C:\Windows\inf
2013-03-27 20:01:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-27 19:56:36 ----D---- C:\Users\Zdenda\AppData\Roaming\Skype
2013-03-27 19:54:37 ----D---- C:\Windows\system32\catroot2
2013-03-27 19:54:00 ----D---- C:\Windows
2013-03-27 16:28:28 ----D---- C:\Windows\Microsoft.NET
2013-03-27 16:27:35 ----RSD---- C:\Windows\assembly
2013-03-27 16:10:57 ----HD---- C:\ProgramData
2013-03-27 16:10:52 ----RD---- C:\Program Files (x86)
2013-03-27 16:10:52 ----D---- C:\Windows\system32\drivers
2013-03-26 19:23:18 ----D---- C:\Windows\Tasks
2013-03-26 19:23:18 ----D---- C:\Windows\system32\wfp
2013-03-26 19:23:18 ----D---- C:\Windows\system32\drivers\UMDF
2013-03-26 19:23:17 ----D---- C:\Windows\system32\wbem
2013-03-26 19:22:30 ----D---- C:\Windows\system32\DriverStore
2013-03-26 19:22:23 ----D---- C:\Windows\system32\CodeIntegrity
2013-03-26 19:22:22 ----SHD---- C:\Windows\Installer
2013-03-26 19:22:19 ----D---- C:\ProgramData\McAfee Security Scan
2013-03-26 19:22:19 ----D---- C:\Program Files (x86)\DaemonicMU Season V
2013-03-26 19:22:12 ----D---- C:\Windows\registration
2013-03-26 19:21:48 ----D---- C:\ProgramData\TuneUp Software
2013-03-26 19:20:14 ----SHD---- C:\System Volume Information
2013-03-20 20:52:48 ----D---- C:\Windows\SysWOW64
2013-03-20 20:52:48 ----D---- C:\Windows\system32\Tasks
2013-03-20 20:42:43 ----D---- C:\Windows\winsxs
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Sidebar
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Portable Devices
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Media Player
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Mail
2013-03-20 20:35:04 ----D---- C:\Program Files\Windows Sidebar
2013-03-20 20:35:04 ----D---- C:\Program Files\Windows Portable Devices
2013-03-20 20:35:04 ----D---- C:\Program Files\Windows Mail
2013-03-20 20:35:04 ----D---- C:\Program Files\DVD Maker
2013-03-20 20:35:03 ----D---- C:\Program Files\Windows Photo Viewer
2013-03-20 20:35:03 ----D---- C:\Program Files\Windows Media Player
2013-03-20 20:35:03 ----D---- C:\Program Files\Windows Journal
2013-03-20 20:35:02 ----D---- C:\Program Files\Common Files\System
2013-03-20 20:35:01 ----D---- C:\Program Files\Windows Defender
2013-03-20 20:35:00 ----D---- C:\Windows\servicing
2013-03-20 20:35:00 ----D---- C:\Windows\ehome
2013-03-20 20:34:52 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2013-03-20 20:34:52 ----D---- C:\Windows\SYSWOW64\da-DK
2013-03-20 20:34:51 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-03-20 20:34:50 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-20 20:34:49 ----D---- C:\Windows\SYSWOW64\oobe
2013-03-20 20:34:49 ----D---- C:\Windows\SYSWOW64\migration
2013-03-20 20:34:48 ----D---- C:\Windows\SYSWOW64\Setup
2013-03-20 20:34:48 ----D---- C:\Windows\SYSWOW64\cs
2013-03-20 20:34:48 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2013-03-20 20:34:47 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-20 20:34:45 ----D---- C:\Windows\SYSWOW64\sppui
2013-03-20 20:34:45 ----D---- C:\Windows\SYSWOW64\manifeststore
2013-03-20 20:34:45 ----D---- C:\Windows\SYSWOW64\es-ES
2013-03-20 20:34:45 ----D---- C:\Windows\SYSWOW64\en
2013-03-20 20:34:44 ----D---- C:\Windows\SYSWOW64\wbem
2013-03-20 20:34:43 ----D---- C:\Windows\SYSWOW64\migwiz
2013-03-20 20:34:42 ----D---- C:\Windows\SYSWOW64\Dism
2013-03-20 20:34:09 ----D---- C:\Windows\system32\da-DK
2013-03-20 20:34:09 ----D---- C:\Windows\PolicyDefinitions
2013-03-20 20:34:08 ----D---- C:\Windows\system32\sk-SK
2013-03-20 20:34:06 ----D---- C:\Windows\system32\en-US
2013-03-20 20:34:03 ----D---- C:\Windows\system32\oobe
2013-03-20 20:34:02 ----D---- C:\Windows\system32\migration
2013-03-20 20:34:02 ----D---- C:\Windows\system32\AdvancedInstallers
2013-03-20 20:34:01 ----D---- C:\Windows\system32\Setup
2013-03-20 20:34:01 ----D---- C:\Windows\system32\cs
2013-03-20 20:33:59 ----D---- C:\Windows\system32\cs-CZ
2013-03-20 20:33:56 ----D---- C:\Windows\system32\sppui
2013-03-20 20:33:56 ----D---- C:\Windows\system32\manifeststore
2013-03-20 20:33:56 ----D---- C:\Windows\system32\es-ES
2013-03-20 20:33:55 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-03-20 20:33:54 ----D---- C:\Windows\system32\drivers\en-US
2013-03-20 20:33:51 ----D---- C:\Windows\system32\migwiz
2013-03-20 20:33:51 ----D---- C:\Windows\system32\Dism
2013-03-20 20:32:58 ----RSD---- C:\Windows\Fonts
2013-03-20 20:32:57 ----D---- C:\Windows\AppPatch
2013-03-20 20:32:34 ----D---- C:\Windows\system32\Boot
2013-03-20 13:18:36 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2013-03-20 13:18:36 ----A---- C:\Windows\system32\msclmd.dll
2013-03-19 21:21:14 ----D---- C:\Windows\Prefetch
2013-03-19 20:55:39 ----D---- C:\Windows\SoftwareDistribution
2013-03-17 09:22:47 ----D---- C:\ProgramData\AlawarWrapper
2013-03-13 17:58:32 ----D---- C:\Program Files (x86)\Hry.cz
2013-03-13 16:04:48 ----D---- C:\Program Files (x86)\Common Files
2013-03-13 16:02:11 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-13 16:02:06 ----D---- C:\Windows\system32\catroot
2013-03-13 16:00:50 ----D---- C:\Windows\SYSWOW64\drivers
2013-03-13 16:00:10 ----D---- C:\Program Files\Common Files
2013-03-13 15:53:43 ----RD---- C:\Program Files
2013-03-12 15:40:15 ----SD---- C:\Users\Zdenda\AppData\Roaming\Microsoft
2013-03-08 15:16:12 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-07 20:00:08 ----D---- C:\Users\Zdenda\AppData\Roaming\Ventrilo
2013-03-07 20:00:08 ----D---- C:\Users\Zdenda\AppData\Roaming\DAEMON Tools Lite
2013-03-07 19:59:51 ----D---- C:\Windows\Panther
2013-03-07 19:59:46 ----D---- C:\Windows\Logs
2013-03-07 19:59:46 ----D---- C:\Windows\debug
2013-03-05 22:15:20 ----D---- C:\Users\Zdenda\AppData\Roaming\TS3Client
2013-03-05 20:22:08 ----D---- C:\ProgramData\Adobe
2013-03-05 19:11:12 ----D---- C:\ProgramData\Zoomex
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-03-13 39768]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-23 283200]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R3 3xHybr64;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybr64.sys [2007-04-20 873216]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 359936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-12-26 3269088]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-12-14 24176]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2012-06-05 237968]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-12-27 805088]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
S2 Vcs;Vcs support; \??\C:\Windows\system32\Drivers\Vcs.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
S3 netr28ux;Belkin USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2008-10-29 811008]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 238080]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-16 361984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2013-03-05 1564368]
R2 ICQ Service;ICQ Service; C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE [2012-03-20 247872]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-01-23 76888]
R2 RadeonPro Support Service;RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [2013-01-08 20608]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 VideoDownloadConverter_4zService;VideoDownloadConverterService; C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe [2013-01-13 42504]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-03-13 968880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-07 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-07 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
LOG
Logfile of random's system information tool 1.08 (written by random/random)
Run by Zdenda at 2013-03-27 20:11:11
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 323 GB (65%) free of 500 GB
Total RAM: 4095 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:11:15, on 27.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
D:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mumble\mumble.exe
C:\Program Files (x86)\Mumble\dbus-daemon.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Program Files\trend micro\Zdenda.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: Zoomex - {031B4C0E-E357-91ED-FFFB-B328A08F972E} - C:\ProgramData\Zoomex\51002736c099f.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll
O2 - BHO: DownTango Launcher - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: DownTango Launcher - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O9 - Extra button: (no name) - {5f7f7e76-0f61-4de9-8ae6-e5ee565cd118} - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
O20 - AppInit_DLLs: c:\progra~2\zoomex\sprote~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RadeonPro Support Service - Mr. John aka japamd - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11596 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
taskeng.exe {AA790837-79F8-4B56-9AA1-1EA1B17D42B2}
"C:\Program Files (x86)\Protected Search\ProtectedSearch.exe"
C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4765bc04-7a79-4112-99d1-ea68caad8282 -SystemEventPortName:HostProcess-7304a5f1-b06b-4779-8b94-7721c087c350 -IoCancelEventPortName:HostProcess-fc98c904-1a50-4735-a939-899ff356e2fa -NonStateChangingEventPortName:HostProcess-6111f1fc-b9bf-48df-9cf2-47be5ac375bd -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:abad1585-9661-4b34-8502-6c809f4a4b6c
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
"C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"D:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mumble\mumble.exe"
"C:\Program Files (x86)\Mumble\dbus-daemon.exe" --session
\??\C:\Windows\system32\conhost.exe "-1708207495-187605055486082196154999736620531225341612037609543195009-1620059290
C:\Windows\SysWOW64\DllHost.exe /Processid:{3F6B5E16-092A-41ED-930B-0B4125D91D4E}
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2176.ff68d00.1963312740 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 2176 "\\.\pipe\gecko-crash-server-pipe.2176" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --proxy-stub-channel=Flash4652.67B163D8.8989 --host-broker-channel=Flash4652.67B163D8.15174 --host-pid=4652 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --channel=4932.0062F5B0.1903089019 --proxy-stub-channel=Flash4652.67B163D8.8989 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" --host-npapi-version=27 --type=renderer
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Zdenda\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ZoomExUpdaterTask{B41D989F-F197-4DE5-A5EB-5963A0D22A5C}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{031B4C0E-E357-91ED-FFFB-B328A08F972E}]
Zoomex - C:\ProgramData\Zoomex\51002736c099f.dll [2013-01-23 120832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9}]
Toolbar BHO - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll [2013-01-13 707728]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8d3ec233-b92d-4187-a506-284127cfba2d}]
DownTango Launcher - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll [2012-10-30 1030728]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b}]
Search Assistant BHO - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll [2013-01-13 62864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06 1308504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8d3ec233-b92d-4187-a506-284127cfba2d} - DownTango Launcher - C:\Users\Zdenda\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll [2012-10-30 1030728]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06 1308504]
{48586425-6bb7-4f51-8dc6-38c88e3ebb58} - VideoDownloadConverter - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll [2013-01-13 707728]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2012-03-20 1056320]
{95B7759C-8C7F-4BF1-B163-73684A933233}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-12-13 13263072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-03-05 507984]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
"VideoDownloadConverter Search Scope Monitor"=C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe [2013-01-13 42536]
"VideoDownloadConverter_4z Browser Plugin Loader"=C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe [2013-01-13 30096]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2013-03-05 1564368]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-16 641704]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2013-03-13 1151152]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-03-27 16:11:15 ----D---- C:\Users\Zdenda\AppData\Roaming\Malwarebytes
2013-03-27 16:10:57 ----D---- C:\ProgramData\Malwarebytes
2013-03-27 16:10:52 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-27 16:10:52 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-03-27 16:06:58 ----D---- C:\Program Files (x86)\ESET
2013-03-21 19:06:19 ----D---- C:\Users\Zdenda\AppData\Roaming\twinstar_launcher
2013-03-20 13:10:10 ----D---- C:\Windows\system32\SPReview
2013-03-20 13:08:50 ----D---- C:\Windows\system32\EventProviders
2013-03-16 19:11:10 ----D---- C:\Program Files (x86)\Portrait Professional 11 Trial
2013-03-14 15:25:07 ----D---- C:\Users\Zdenda\AppData\Roaming\VampireSaga
2013-03-13 16:05:10 ----D---- C:\ProgramData\AVG Secure Search
2013-03-13 16:04:53 ----A---- C:\Windows\system32\drivers\avgtpx64.sys
2013-03-13 16:04:47 ----D---- C:\Program Files (x86)\AVG Secure Search
2013-03-13 16:03:35 ----D---- C:\Program Files (x86)\TuneUp Utilities 2013
2013-03-13 16:03:01 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-03-13 16:02:03 ----D---- C:\ProgramData\AmUStor
2013-03-13 16:02:03 ----D---- C:\Program Files (x86)\AmIcoSingLun
2013-03-13 16:00:50 ----A---- C:\Windows\SYSWOW64\drivers\VMHybrid.sys
2013-03-13 16:00:50 ----A---- C:\Windows\SYSWOW64\drivers\VMHybr64.sys
2013-03-13 16:00:27 ----D---- C:\Users\Zdenda\AppData\Roaming\ATI
2013-03-13 16:00:27 ----D---- C:\ProgramData\ATI
2013-03-13 16:00:20 ----D---- C:\Program Files (x86)\AMD AVT
2013-03-13 16:00:16 ----D---- C:\Program Files (x86)\AMD APP
2013-03-13 16:00:10 ----D---- C:\Program Files\Common Files\ATI Technologies
2013-03-13 15:59:03 ----A---- C:\Windows\system32\RTNUninst64.dll
2013-03-13 15:59:03 ----A---- C:\Windows\system32\RtNicProp64.dll
2013-03-13 15:59:03 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2013-03-13 15:58:31 ----D---- C:\ProgramData\AMD
2013-03-13 15:58:27 ----A---- C:\Windows\system32\drivers\amdiox64.sys
2013-03-13 15:58:20 ----D---- C:\Program Files (x86)\ATI Technologies
2013-03-13 15:54:50 ----D---- C:\Windows\SYSWOW64\RTCOM
2013-03-13 15:54:26 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\WavesGUILib64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tosade.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tepeqapo64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tadefxapo264.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\tadefxapo.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSWOW64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSTSX64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSTSH64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SRSHP64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFSS_APO.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFNHK64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFCOM64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\SFAPO64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtPgEx64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkCfg64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkAPO64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RtkApi64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEEP64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEEL64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEEG64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTEED64A.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RTCOM64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RP3DHT64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RP3DAA64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\RCoInstII64.dll
2013-03-13 15:54:26 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEP64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEL64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEG64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EED64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\R4EEA64A.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2013-03-13 15:54:25 ----A---- C:\Windows\system32\KAAPORT64.dll
2013-03-13 15:54:24 ----D---- C:\Program Files (x86)\Realtek
2013-03-13 15:54:24 ----A---- C:\Windows\system32\FMAPO64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\AERTAR64.dll
2013-03-13 15:54:24 ----A---- C:\Windows\system32\AERTAC64.dll
2013-03-13 15:54:22 ----A---- C:\Windows\RtlExUpd.dll
2013-03-13 15:53:43 ----D---- C:\Program Files\Realtek
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RtkHDM64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEEP64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEEL64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEEG64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RTEED64H.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RHDMEx64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RHCoInst64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\RH3DHT64.dll
2013-03-13 15:53:39 ----A---- C:\Windows\system32\drivers\RtHDMIVX.sys
2013-03-13 15:53:38 ----A---- C:\Windows\system32\RH3DAA64.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEP64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEL64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEG64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EED64H.dll
2013-03-13 15:53:38 ----A---- C:\Windows\system32\R4EEA64H.dll
2013-03-13 15:53:37 ----HD---- C:\Program Files (x86)\Temp
2013-03-13 15:51:58 ----DC---- C:\Windows\system32\DRVSTORE
2013-03-13 15:51:58 ----A---- C:\Windows\system32\drivers\usbfilter.sys
2013-03-13 15:51:44 ----D---- C:\Program Files\ATI Technologies
2013-03-13 15:51:40 ----D---- C:\Program Files\ATI
2013-03-13 15:47:46 ----D---- C:\ProgramData\DriverGenius
2013-03-13 15:45:51 ----D---- C:\Program Files (x86)\Driver-Soft
2013-03-10 21:38:45 ----A---- C:\Windows\SYSWOW64\drivers\Vcs.sys
2013-03-08 09:28:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-03-07 19:57:22 ----D---- C:\Program Files\CCleaner
2013-03-07 19:55:04 ----D---- C:\Program Files\trend micro
2013-03-07 19:55:03 ----D---- C:\rsit
2013-03-07 19:54:34 ----D---- C:\Program Files (x86)\Google
2013-03-07 11:54:22 ----D---- C:\Users\Zdenda\AppData\Roaming\The Curse of the Werewolves
2013-03-06 20:26:53 ----D---- C:\Program Files (x86)\VideoLAN
2013-03-06 20:18:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-05 19:11:07 ----D---- C:\Users\Zdenda\AppData\Roaming\ICQ Search
2013-03-05 19:11:07 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2013-03-05 19:11:04 ----D---- C:\Program Files (x86)\Guard-ICQ
2013-03-05 19:11:02 ----D---- C:\ProgramData\ICQ
2013-03-05 19:08:03 ----D---- C:\Users\Zdenda\AppData\Roaming\BitTorrent
2013-03-05 18:59:57 ----D---- C:\ProgramData\PMB Files
2013-03-05 18:59:51 ----D---- C:\Program Files (x86)\Pando Networks
2013-03-05 12:33:31 ----D---- C:\Users\Zdenda\AppData\Roaming\AlawarEntertainment
2013-03-02 12:40:20 ----D---- C:\Windows\Minidump
======List of files/folders modified in the last 1 months======
2013-03-27 20:11:14 ----D---- C:\Windows\Temp
2013-03-27 20:09:17 ----D---- C:\Users\Zdenda\AppData\Roaming\Mumble
2013-03-27 20:09:12 ----D---- C:\Windows\system32\config
2013-03-27 20:01:13 ----D---- C:\Windows\System32
2013-03-27 20:01:13 ----D---- C:\Windows\inf
2013-03-27 20:01:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-27 19:56:36 ----D---- C:\Users\Zdenda\AppData\Roaming\Skype
2013-03-27 19:54:37 ----D---- C:\Windows\system32\catroot2
2013-03-27 19:54:00 ----D---- C:\Windows
2013-03-27 16:28:28 ----D---- C:\Windows\Microsoft.NET
2013-03-27 16:27:35 ----RSD---- C:\Windows\assembly
2013-03-27 16:10:57 ----HD---- C:\ProgramData
2013-03-27 16:10:52 ----RD---- C:\Program Files (x86)
2013-03-27 16:10:52 ----D---- C:\Windows\system32\drivers
2013-03-26 19:23:18 ----D---- C:\Windows\Tasks
2013-03-26 19:23:18 ----D---- C:\Windows\system32\wfp
2013-03-26 19:23:18 ----D---- C:\Windows\system32\drivers\UMDF
2013-03-26 19:23:17 ----D---- C:\Windows\system32\wbem
2013-03-26 19:22:30 ----D---- C:\Windows\system32\DriverStore
2013-03-26 19:22:23 ----D---- C:\Windows\system32\CodeIntegrity
2013-03-26 19:22:22 ----SHD---- C:\Windows\Installer
2013-03-26 19:22:19 ----D---- C:\ProgramData\McAfee Security Scan
2013-03-26 19:22:19 ----D---- C:\Program Files (x86)\DaemonicMU Season V
2013-03-26 19:22:12 ----D---- C:\Windows\registration
2013-03-26 19:21:48 ----D---- C:\ProgramData\TuneUp Software
2013-03-26 19:20:14 ----SHD---- C:\System Volume Information
2013-03-20 20:52:48 ----D---- C:\Windows\SysWOW64
2013-03-20 20:52:48 ----D---- C:\Windows\system32\Tasks
2013-03-20 20:42:43 ----D---- C:\Windows\winsxs
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Sidebar
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Portable Devices
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Media Player
2013-03-20 20:35:05 ----D---- C:\Program Files (x86)\Windows Mail
2013-03-20 20:35:04 ----D---- C:\Program Files\Windows Sidebar
2013-03-20 20:35:04 ----D---- C:\Program Files\Windows Portable Devices
2013-03-20 20:35:04 ----D---- C:\Program Files\Windows Mail
2013-03-20 20:35:04 ----D---- C:\Program Files\DVD Maker
2013-03-20 20:35:03 ----D---- C:\Program Files\Windows Photo Viewer
2013-03-20 20:35:03 ----D---- C:\Program Files\Windows Media Player
2013-03-20 20:35:03 ----D---- C:\Program Files\Windows Journal
2013-03-20 20:35:02 ----D---- C:\Program Files\Common Files\System
2013-03-20 20:35:01 ----D---- C:\Program Files\Windows Defender
2013-03-20 20:35:00 ----D---- C:\Windows\servicing
2013-03-20 20:35:00 ----D---- C:\Windows\ehome
2013-03-20 20:34:52 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2013-03-20 20:34:52 ----D---- C:\Windows\SYSWOW64\da-DK
2013-03-20 20:34:51 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-03-20 20:34:50 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-20 20:34:49 ----D---- C:\Windows\SYSWOW64\oobe
2013-03-20 20:34:49 ----D---- C:\Windows\SYSWOW64\migration
2013-03-20 20:34:48 ----D---- C:\Windows\SYSWOW64\Setup
2013-03-20 20:34:48 ----D---- C:\Windows\SYSWOW64\cs
2013-03-20 20:34:48 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2013-03-20 20:34:47 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-20 20:34:45 ----D---- C:\Windows\SYSWOW64\sppui
2013-03-20 20:34:45 ----D---- C:\Windows\SYSWOW64\manifeststore
2013-03-20 20:34:45 ----D---- C:\Windows\SYSWOW64\es-ES
2013-03-20 20:34:45 ----D---- C:\Windows\SYSWOW64\en
2013-03-20 20:34:44 ----D---- C:\Windows\SYSWOW64\wbem
2013-03-20 20:34:43 ----D---- C:\Windows\SYSWOW64\migwiz
2013-03-20 20:34:42 ----D---- C:\Windows\SYSWOW64\Dism
2013-03-20 20:34:09 ----D---- C:\Windows\system32\da-DK
2013-03-20 20:34:09 ----D---- C:\Windows\PolicyDefinitions
2013-03-20 20:34:08 ----D---- C:\Windows\system32\sk-SK
2013-03-20 20:34:06 ----D---- C:\Windows\system32\en-US
2013-03-20 20:34:03 ----D---- C:\Windows\system32\oobe
2013-03-20 20:34:02 ----D---- C:\Windows\system32\migration
2013-03-20 20:34:02 ----D---- C:\Windows\system32\AdvancedInstallers
2013-03-20 20:34:01 ----D---- C:\Windows\system32\Setup
2013-03-20 20:34:01 ----D---- C:\Windows\system32\cs
2013-03-20 20:33:59 ----D---- C:\Windows\system32\cs-CZ
2013-03-20 20:33:56 ----D---- C:\Windows\system32\sppui
2013-03-20 20:33:56 ----D---- C:\Windows\system32\manifeststore
2013-03-20 20:33:56 ----D---- C:\Windows\system32\es-ES
2013-03-20 20:33:55 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-03-20 20:33:54 ----D---- C:\Windows\system32\drivers\en-US
2013-03-20 20:33:51 ----D---- C:\Windows\system32\migwiz
2013-03-20 20:33:51 ----D---- C:\Windows\system32\Dism
2013-03-20 20:32:58 ----RSD---- C:\Windows\Fonts
2013-03-20 20:32:57 ----D---- C:\Windows\AppPatch
2013-03-20 20:32:34 ----D---- C:\Windows\system32\Boot
2013-03-20 13:18:36 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2013-03-20 13:18:36 ----A---- C:\Windows\system32\msclmd.dll
2013-03-19 21:21:14 ----D---- C:\Windows\Prefetch
2013-03-19 20:55:39 ----D---- C:\Windows\SoftwareDistribution
2013-03-17 09:22:47 ----D---- C:\ProgramData\AlawarWrapper
2013-03-13 17:58:32 ----D---- C:\Program Files (x86)\Hry.cz
2013-03-13 16:04:48 ----D---- C:\Program Files (x86)\Common Files
2013-03-13 16:02:11 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-13 16:02:06 ----D---- C:\Windows\system32\catroot
2013-03-13 16:00:50 ----D---- C:\Windows\SYSWOW64\drivers
2013-03-13 16:00:10 ----D---- C:\Program Files\Common Files
2013-03-13 15:53:43 ----RD---- C:\Program Files
2013-03-12 15:40:15 ----SD---- C:\Users\Zdenda\AppData\Roaming\Microsoft
2013-03-08 15:16:12 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-07 20:00:08 ----D---- C:\Users\Zdenda\AppData\Roaming\Ventrilo
2013-03-07 20:00:08 ----D---- C:\Users\Zdenda\AppData\Roaming\DAEMON Tools Lite
2013-03-07 19:59:51 ----D---- C:\Windows\Panther
2013-03-07 19:59:46 ----D---- C:\Windows\Logs
2013-03-07 19:59:46 ----D---- C:\Windows\debug
2013-03-05 22:15:20 ----D---- C:\Users\Zdenda\AppData\Roaming\TS3Client
2013-03-05 20:22:08 ----D---- C:\ProgramData\Adobe
2013-03-05 19:11:12 ----D---- C:\ProgramData\Zoomex
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-03-13 39768]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-23 283200]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R3 3xHybr64;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybr64.sys [2007-04-20 873216]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 359936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-12-26 3269088]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-12-14 24176]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2012-06-05 237968]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-12-27 805088]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
S2 Vcs;Vcs support; \??\C:\Windows\system32\Drivers\Vcs.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
S3 netr28ux;Belkin USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2008-10-29 811008]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 238080]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-16 361984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2013-03-05 1564368]
R2 ICQ Service;ICQ Service; C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE [2012-03-20 247872]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-01-23 76888]
R2 RadeonPro Support Service;RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [2013-01-08 20608]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 VideoDownloadConverter_4zService;VideoDownloadConverterService; C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe [2013-01-13 42504]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-03-13 968880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-07 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-07 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Re: dost se mi to spomalilo
Pravda, omylem jsem kouknul na ten uvodni log, tam jeste nebyl 
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Prohledat a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Prohledat a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
zdeny.m
- Návštěvník
- Příspěvky: 74
- Registrován: 29 lis 2004 18:54
- Bydliště: Holýšov
- Kontaktovat uživatele:
Re: dost se mi to spomalilo
# AdwCleaner v2.115 - Log vytvooen 27/03/2013 v 20:31:57
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows 7 Ultimate Service Pack 1 (64 bits)
# Uživatel : Zdenda - ZDENDAPC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Zdenda\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
Nalezeno : ICQ Service
Nalezeno : VideoDownloadConverter_4zService
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Program Files (x86)\AVG Secure Search
Složka Nalezeno : C:\Program Files (x86)\Common Files\AVG Secure Search
Složka Nalezeno : C:\Program Files (x86)\ICQ6Toolbar
Složka Nalezeno : C:\Program Files (x86)\Protected Search
Složka Nalezeno : C:\Program Files (x86)\Red Sky
Složka Nalezeno : C:\Program Files (x86)\SweetIM
Složka Nalezeno : C:\Program Files (x86)\sweetpacks bundle uninstaller
Složka Nalezeno : C:\Program Files (x86)\VideoDownloadConverter_4z
Složka Nalezeno : C:\Program Files (x86)\Zoomex
Složka Nalezeno : C:\ProgramData\AVG Secure Search
Složka Nalezeno : C:\ProgramData\Babylon
Složka Nalezeno : C:\ProgramData\boost_interprocess
Složka Nalezeno : C:\ProgramData\clsoft ltd
Složka Nalezeno : C:\ProgramData\ICQ\ICQToolbar
Složka Nalezeno : C:\ProgramData\InstallMate
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoomex
Složka Nalezeno : C:\ProgramData\Premium
Složka Nalezeno : C:\ProgramData\SweetIM
Složka Nalezeno : C:\ProgramData\Zoomex
Složka Nalezeno : C:\Users\Zdenda\AppData\Local\AVG Secure Search
Složka Nalezeno : C:\Users\Zdenda\AppData\Local\DownTango
Složka Nalezeno : C:\Users\Zdenda\AppData\Local\SwvUpdater
Složka Nalezeno : C:\Users\Zdenda\AppData\Local\VideoDownloadConverter_4z
Složka Nalezeno : C:\Users\Zdenda\AppData\LocalLow\AVG Secure Search
Složka Nalezeno : C:\Users\Zdenda\AppData\LocalLow\Softonic
Složka Nalezeno : C:\Users\Zdenda\AppData\LocalLow\VideoDownloadConverter_4z
Složka Nalezeno : C:\Users\Zdenda\AppData\LocalLow\Zoomex
Složka Nalezeno : C:\Users\Zdenda\AppData\Roaming\Babylon
Složka Nalezeno : C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Složka Nalezeno : C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
Složka Nalezeno : C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
Složka Nalezeno : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Soubor Nalezeno : C:\user.js
Soubor Nalezeno : C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\icqplugin.xml
Soubor Nalezeno : C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\my-web-search.xml
Soubor Nalezeno : C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\Searchab.xml
Soubor Nalezeno : C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\SweetIm.xml
Soubor Nalezeno : C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\Web Search.xml
***** [Registry] *****
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{93A3111F-4F74-4ED8-895E-D9708497629E}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VideoDownloadConverter Search Scope Monitor]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VideoDownloadConverter_4z Browser Plugin Loader]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Hodnota Nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Nalezeno : HKCU\Software\AppDataLow\SProtector
Klíe Nalezeno : HKCU\Software\AVG Secure Search
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{031B4C0E-E357-91ED-FFFB-B328A08F972E}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{031B4C0E-E357-91ED-FFFB-B328A08F972E}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\ProtectedSearch
Klíe Nalezeno : HKCU\Software\StartSearch
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\Software\AVG Secure Search
Klíe Nalezeno : HKLM\Software\AVG Security Toolbar
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\sim-packages
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Klíe Nalezeno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.Band
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.Band.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klíe Nalezeno : HKLM\Software\SP Global
Klíe Nalezeno : HKLM\Software\SProtector
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{031B4C0E-E357-91ED-FFFB-B328A08F972E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{363D5C92-10DC-4287-93E5-1832EECC48EC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3B41BE90-F731-4137-AFF3-2CA951E7F0D9}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4128C64D-F0DD-4811-9405-D22294E8151F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66292684-B2C2-4C7C-B3D2-BF446E30744C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{69407823-3494-4400-8D49-612549E8F4EE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6BFF4BCB-7A73-45A7-AC4C-389A34E1D1EF}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{031B4C0E-E357-91ED-FFFB-B328A08F972E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VideoDownloadConverter_4zbar Uninstall
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Klíe Nalezeno : HKU\S-1-5-21-3594471807-556225314-2353248353-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKU\S-1-5-21-3594471807-556225314-2353248353-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Nalezeno : HKU\S-1-5-21-3594471807-556225314-2353248353-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKU\S-1-5-21-3594471807-556225314-2353248353-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16448
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.icq.com/
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
-\\ Mozilla Firefox v19.0.2 (cs)
Soubor : C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\prefs.js
Nalezeno : user_pref("aol_toolbar.default.homepage.check", false);
Nalezeno : user_pref("aol_toolbar.default.search.check", false);
Nalezeno : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=112060&tt=4812_8&babsrc=NT_ss&mntr[...]
Nalezeno : user_pref("browser.search.defaultengine", "Web Search");
Nalezeno : user_pref("browser.search.defaultenginename", "My Web Search");
Nalezeno : user_pref("browser.search.order.1", "Web Search");
Nalezeno : user_pref("browser.search.selectedEngine", "My Web Search");
Nalezeno : user_pref("browser.startup.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=7F3B921A-3040-4CE[...]
Nalezeno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Nalezeno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Nalezeno : user_pref("extensions.BabylonToolbar_i.newTab", true);
Nalezeno : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=112060&tt=4812_[...]
Nalezeno : user_pref("extensions.Softonic.admin", false);
Nalezeno : user_pref("extensions.Softonic.aflt", "SD");
Nalezeno : user_pref("extensions.Softonic.autoRvrt", "false");
Nalezeno : user_pref("extensions.Softonic.cntry", "CZ");
Nalezeno : user_pref("extensions.Softonic.cv", "cv5");
Nalezeno : user_pref("extensions.Softonic.dfltLng", "pl");
Nalezeno : user_pref("extensions.Softonic.dfltlng", "pl");
Nalezeno : user_pref("extensions.Softonic.dfltsrch", "false");
Nalezeno : user_pref("extensions.Softonic.envrmnt", "production");
Nalezeno : user_pref("extensions.Softonic.excTlbr", false);
Nalezeno : user_pref("extensions.Softonic.hdrMd5", "51C48CD0D7E18A8381E8F2A7381DB508");
Nalezeno : user_pref("extensions.Softonic.hmpg", false);
Nalezeno : user_pref("extensions.Softonic.hrdid", "fc15b69f00000000000000242157054f");
Nalezeno : user_pref("extensions.Softonic.id", "fc15b69f00000000000000242157054f");
Nalezeno : user_pref("extensions.Softonic.instlDay", "15633");
Nalezeno : user_pref("extensions.Softonic.instlRef", "MON00084");
Nalezeno : user_pref("extensions.Softonic.instlday", "15633");
Nalezeno : user_pref("extensions.Softonic.instlref", "MON00084");
Nalezeno : user_pref("extensions.Softonic.isdcmntcmplt", false);
Nalezeno : user_pref("extensions.Softonic.keywordurl", "");
Nalezeno : user_pref("extensions.Softonic.lastVrsnTs", "1.6.7.420:51:53");
Nalezeno : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");
Nalezeno : user_pref("extensions.Softonic.newTab", false);
Nalezeno : user_pref("extensions.Softonic.newtab", "false");
Nalezeno : user_pref("extensions.Softonic.newtaburl", "");
Nalezeno : user_pref("extensions.Softonic.prdct", "Softonic");
Nalezeno : user_pref("extensions.Softonic.propectorlck", 92773947);
Nalezeno : user_pref("extensions.Softonic.prtnrId", "softonic");
Nalezeno : user_pref("extensions.Softonic.prtnrid", "softonic");
Nalezeno : user_pref("extensions.Softonic.radiomystations", "[{\"id\":\"1069\",\"name\":\"ORS Rom?ntica en espa[...]
Nalezeno : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]
Nalezeno : user_pref("extensions.Softonic.savedVrsnTs", "1");
Nalezeno : user_pref("extensions.Softonic.sg", "az");
Nalezeno : user_pref("extensions.Softonic.smplGrp", "none");
Nalezeno : user_pref("extensions.Softonic.smplgrp", "none");
Nalezeno : user_pref("extensions.Softonic.srch", "");
Nalezeno : user_pref("extensions.Softonic.srchprvdr", "");
Nalezeno : user_pref("extensions.Softonic.tlbrId", "base");
Nalezeno : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00084/tb_v1?SearchSource[...]
Nalezeno : user_pref("extensions.Softonic.tlbrid", "base");
Nalezeno : user_pref("extensions.Softonic.tlbrsrchurl", "hxxp://search.softonic.com/MON00084/tb_v1?SearchSource[...]
Nalezeno : user_pref("extensions.Softonic.vrsn", "1.6.7.4");
Nalezeno : user_pref("extensions.Softonic.vrsnTs", "1.6.7.420:51:53");
Nalezeno : user_pref("extensions.Softonic.vrsni", "1.6.7.4");
Nalezeno : user_pref("extensions.Softonic.vrsnts", "1.6.7.420:51:53");
Nalezeno : user_pref("extensions.Softonic_i.newTab", false);
Nalezeno : user_pref("extensions.Softonic_i.smplGrp", "none");
Nalezeno : user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.420:51:53");
Nalezeno : user_pref("extensions.mywebsearch.prevDefaultEngine", "SweetIM Search");
Nalezeno : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Nalezeno : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.certified-toolbar.com?si=41460&tid=293[...]
Nalezeno : user_pref("extensions.mywebsearch.prevSelectedEngine", "SweetIM Search");
Nalezeno : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Nalezeno : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=7F3B921A[...]
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Search the web (Babylon)");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Search the web (Babylon)");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://search.certified-toolbar.com?[...]
Nalezeno : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.certified-toolbar.com?si=41460&tid=[...]
Nalezeno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.enable", "");
Nalezeno : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={B39D[...]
-\\ Google Chrome v25.0.1364.172
Soubor : C:\Users\Zdenda\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [32946 octets] - [27/03/2013 20:31:57]
########## EOF - C:\AdwCleaner[R1].txt - [33007 octets] ##########
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows 7 Ultimate Service Pack 1 (64 bits)
# Uživatel : Zdenda - ZDENDAPC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Zdenda\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
Nalezeno : ICQ Service
Nalezeno : VideoDownloadConverter_4zService
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Program Files (x86)\AVG Secure Search
Složka Nalezeno : C:\Program Files (x86)\Common Files\AVG Secure Search
Složka Nalezeno : C:\Program Files (x86)\ICQ6Toolbar
Složka Nalezeno : C:\Program Files (x86)\Protected Search
Složka Nalezeno : C:\Program Files (x86)\Red Sky
Složka Nalezeno : C:\Program Files (x86)\SweetIM
Složka Nalezeno : C:\Program Files (x86)\sweetpacks bundle uninstaller
Složka Nalezeno : C:\Program Files (x86)\VideoDownloadConverter_4z
Složka Nalezeno : C:\Program Files (x86)\Zoomex
Složka Nalezeno : C:\ProgramData\AVG Secure Search
Složka Nalezeno : C:\ProgramData\Babylon
Složka Nalezeno : C:\ProgramData\boost_interprocess
Složka Nalezeno : C:\ProgramData\clsoft ltd
Složka Nalezeno : C:\ProgramData\ICQ\ICQToolbar
Složka Nalezeno : C:\ProgramData\InstallMate
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoomex
Složka Nalezeno : C:\ProgramData\Premium
Složka Nalezeno : C:\ProgramData\SweetIM
Složka Nalezeno : C:\ProgramData\Zoomex
Složka Nalezeno : C:\Users\Zdenda\AppData\Local\AVG Secure Search
Složka Nalezeno : C:\Users\Zdenda\AppData\Local\DownTango
Složka Nalezeno : C:\Users\Zdenda\AppData\Local\SwvUpdater
Složka Nalezeno : C:\Users\Zdenda\AppData\Local\VideoDownloadConverter_4z
Složka Nalezeno : C:\Users\Zdenda\AppData\LocalLow\AVG Secure Search
Složka Nalezeno : C:\Users\Zdenda\AppData\LocalLow\Softonic
Složka Nalezeno : C:\Users\Zdenda\AppData\LocalLow\VideoDownloadConverter_4z
Složka Nalezeno : C:\Users\Zdenda\AppData\LocalLow\Zoomex
Složka Nalezeno : C:\Users\Zdenda\AppData\Roaming\Babylon
Složka Nalezeno : C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Složka Nalezeno : C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
Složka Nalezeno : C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
Složka Nalezeno : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Soubor Nalezeno : C:\user.js
Soubor Nalezeno : C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\icqplugin.xml
Soubor Nalezeno : C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\my-web-search.xml
Soubor Nalezeno : C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\Searchab.xml
Soubor Nalezeno : C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\SweetIm.xml
Soubor Nalezeno : C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\searchplugins\Web Search.xml
***** [Registry] *****
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{93A3111F-4F74-4ED8-895E-D9708497629E}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VideoDownloadConverter Search Scope Monitor]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VideoDownloadConverter_4z Browser Plugin Loader]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Hodnota Nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Nalezeno : HKCU\Software\AppDataLow\SProtector
Klíe Nalezeno : HKCU\Software\AVG Secure Search
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{031B4C0E-E357-91ED-FFFB-B328A08F972E}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{031B4C0E-E357-91ED-FFFB-B328A08F972E}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\ProtectedSearch
Klíe Nalezeno : HKCU\Software\StartSearch
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\Software\AVG Secure Search
Klíe Nalezeno : HKLM\Software\AVG Security Toolbar
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\sim-packages
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Klíe Nalezeno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin
Klíe Nalezeno : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.Band
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.Band.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klíe Nalezeno : HKLM\Software\SP Global
Klíe Nalezeno : HKLM\Software\SProtector
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{031B4C0E-E357-91ED-FFFB-B328A08F972E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{363D5C92-10DC-4287-93E5-1832EECC48EC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3B41BE90-F731-4137-AFF3-2CA951E7F0D9}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4128C64D-F0DD-4811-9405-D22294E8151F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66292684-B2C2-4C7C-B3D2-BF446E30744C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{69407823-3494-4400-8D49-612549E8F4EE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6BFF4BCB-7A73-45A7-AC4C-389A34E1D1EF}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{031B4C0E-E357-91ED-FFFB-B328A08F972E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VideoDownloadConverter_4zbar Uninstall
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Klíe Nalezeno : HKU\S-1-5-21-3594471807-556225314-2353248353-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKU\S-1-5-21-3594471807-556225314-2353248353-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Nalezeno : HKU\S-1-5-21-3594471807-556225314-2353248353-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKU\S-1-5-21-3594471807-556225314-2353248353-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16448
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.icq.com/
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
-\\ Mozilla Firefox v19.0.2 (cs)
Soubor : C:\Users\Zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\txnfm3cm.default\prefs.js
Nalezeno : user_pref("aol_toolbar.default.homepage.check", false);
Nalezeno : user_pref("aol_toolbar.default.search.check", false);
Nalezeno : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=112060&tt=4812_8&babsrc=NT_ss&mntr[...]
Nalezeno : user_pref("browser.search.defaultengine", "Web Search");
Nalezeno : user_pref("browser.search.defaultenginename", "My Web Search");
Nalezeno : user_pref("browser.search.order.1", "Web Search");
Nalezeno : user_pref("browser.search.selectedEngine", "My Web Search");
Nalezeno : user_pref("browser.startup.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=7F3B921A-3040-4CE[...]
Nalezeno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Nalezeno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Nalezeno : user_pref("extensions.BabylonToolbar_i.newTab", true);
Nalezeno : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=112060&tt=4812_[...]
Nalezeno : user_pref("extensions.Softonic.admin", false);
Nalezeno : user_pref("extensions.Softonic.aflt", "SD");
Nalezeno : user_pref("extensions.Softonic.autoRvrt", "false");
Nalezeno : user_pref("extensions.Softonic.cntry", "CZ");
Nalezeno : user_pref("extensions.Softonic.cv", "cv5");
Nalezeno : user_pref("extensions.Softonic.dfltLng", "pl");
Nalezeno : user_pref("extensions.Softonic.dfltlng", "pl");
Nalezeno : user_pref("extensions.Softonic.dfltsrch", "false");
Nalezeno : user_pref("extensions.Softonic.envrmnt", "production");
Nalezeno : user_pref("extensions.Softonic.excTlbr", false);
Nalezeno : user_pref("extensions.Softonic.hdrMd5", "51C48CD0D7E18A8381E8F2A7381DB508");
Nalezeno : user_pref("extensions.Softonic.hmpg", false);
Nalezeno : user_pref("extensions.Softonic.hrdid", "fc15b69f00000000000000242157054f");
Nalezeno : user_pref("extensions.Softonic.id", "fc15b69f00000000000000242157054f");
Nalezeno : user_pref("extensions.Softonic.instlDay", "15633");
Nalezeno : user_pref("extensions.Softonic.instlRef", "MON00084");
Nalezeno : user_pref("extensions.Softonic.instlday", "15633");
Nalezeno : user_pref("extensions.Softonic.instlref", "MON00084");
Nalezeno : user_pref("extensions.Softonic.isdcmntcmplt", false);
Nalezeno : user_pref("extensions.Softonic.keywordurl", "");
Nalezeno : user_pref("extensions.Softonic.lastVrsnTs", "1.6.7.420:51:53");
Nalezeno : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");
Nalezeno : user_pref("extensions.Softonic.newTab", false);
Nalezeno : user_pref("extensions.Softonic.newtab", "false");
Nalezeno : user_pref("extensions.Softonic.newtaburl", "");
Nalezeno : user_pref("extensions.Softonic.prdct", "Softonic");
Nalezeno : user_pref("extensions.Softonic.propectorlck", 92773947);
Nalezeno : user_pref("extensions.Softonic.prtnrId", "softonic");
Nalezeno : user_pref("extensions.Softonic.prtnrid", "softonic");
Nalezeno : user_pref("extensions.Softonic.radiomystations", "[{\"id\":\"1069\",\"name\":\"ORS Rom?ntica en espa[...]
Nalezeno : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]
Nalezeno : user_pref("extensions.Softonic.savedVrsnTs", "1");
Nalezeno : user_pref("extensions.Softonic.sg", "az");
Nalezeno : user_pref("extensions.Softonic.smplGrp", "none");
Nalezeno : user_pref("extensions.Softonic.smplgrp", "none");
Nalezeno : user_pref("extensions.Softonic.srch", "");
Nalezeno : user_pref("extensions.Softonic.srchprvdr", "");
Nalezeno : user_pref("extensions.Softonic.tlbrId", "base");
Nalezeno : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00084/tb_v1?SearchSource[...]
Nalezeno : user_pref("extensions.Softonic.tlbrid", "base");
Nalezeno : user_pref("extensions.Softonic.tlbrsrchurl", "hxxp://search.softonic.com/MON00084/tb_v1?SearchSource[...]
Nalezeno : user_pref("extensions.Softonic.vrsn", "1.6.7.4");
Nalezeno : user_pref("extensions.Softonic.vrsnTs", "1.6.7.420:51:53");
Nalezeno : user_pref("extensions.Softonic.vrsni", "1.6.7.4");
Nalezeno : user_pref("extensions.Softonic.vrsnts", "1.6.7.420:51:53");
Nalezeno : user_pref("extensions.Softonic_i.newTab", false);
Nalezeno : user_pref("extensions.Softonic_i.smplGrp", "none");
Nalezeno : user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.420:51:53");
Nalezeno : user_pref("extensions.mywebsearch.prevDefaultEngine", "SweetIM Search");
Nalezeno : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Nalezeno : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.certified-toolbar.com?si=41460&tid=293[...]
Nalezeno : user_pref("extensions.mywebsearch.prevSelectedEngine", "SweetIM Search");
Nalezeno : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Nalezeno : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=7F3B921A[...]
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Search the web (Babylon)");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Search the web (Babylon)");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://search.certified-toolbar.com?[...]
Nalezeno : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.certified-toolbar.com?si=41460&tid=[...]
Nalezeno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.enable", "");
Nalezeno : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={B39D[...]
-\\ Google Chrome v25.0.1364.172
Soubor : C:\Users\Zdenda\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [32946 octets] - [27/03/2013 20:31:57]
########## EOF - C:\AdwCleaner[R1].txt - [33007 octets] ##########
Přispějete na provoz fóra?
