Log check

Posted: 17 May 2013 13:47
by mene888
Hello, I would like to ask for a check.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Meny at 2013-05-17 14:36:11
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 41 GB (41%) free of 100 GB
Total RAM: 2047 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:36:23, on 17.5.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16576)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Software602\Print2PDF\Print2PDF.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\FileHippo.com\UpdateChecker.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Seznam.cz\bin\postak.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Meny\AppData\Roaming\TorrentStream\engine\tsengine.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Users\Meny\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\Meny\AppData\Roaming\TorrentStream\updater\tsupdate.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\system32\taskeng.exe
C:\Users\Meny\Downloads\RSIT.exe
C:\Program Files\trend micro\Meny.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.msn.com/?ocid=EIE9HP&PC=UP50
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Meny\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Browse2save - {33D59158-D52B-5A07-3014-012D98F9F451} - C:\ProgramData\Browse2save\50c878df86582.ocx
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\core.4.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Meny\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [TorrentStream] C:\Users\Meny\AppData\Roaming\TorrentStream\engine\tsengine.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Meny\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Meny\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~1\mocaflix\sprote~1.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NPVR Recording Service - Unknown owner - C:\Program Files\NPVR\NRecord.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

--
End of file - 10676 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\DLL-files.com Fixer_MONTHLY.job
C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4249612379-790485995-3687962752-1002Core1cd7c8b55ce7637.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4249612379-790485995-3687962752-1002Core1cd965e237ba7fc.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4249612379-790485995-3687962752-1002UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Meny\AppData\Roaming\Mozilla\Firefox\Profiles\y2eykvkp.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://websearch.mocaflix.com/?l=1&q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=Software602 Form Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Meny\AppData\Roaming\Mozilla\Firefox\Profiles\y2eykvkp.default\searchplugins\
funmoods.xml
WebSearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\Meny\AppData\Roaming\Complitly\Complitly.dll [2012-11-30 142040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2013-02-07 194912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33D59158-D52B-5A07-3014-012D98F9F451}]
Browse2save Class - C:\ProgramData\Browse2save\50c878df86582.ocx [2012-12-12 128000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-19 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-19 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\bin\core.4.dll [2012-01-10 1151520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2013-02-13 1263952]
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2011-04-12 222776]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2012-01-20 719672]
"Google Update"=C:\Users\Meny\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-17 116648]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"FileHippo.com"=C:\Program Files\FileHippo.com\UpdateChecker.exe [2012-11-23 307712]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-05-16 4760816]
"Seznam Postak"=C:\Program Files\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-02-28 18642024]
"TorrentStream"=C:\Users\Meny\AppData\Roaming\TorrentStream\engine\tsengine.exe [2013-04-15 27256]
"cz.seznam.software.autoupdate"=C:\Users\Meny\AppData\Roaming\Seznam.cz\szninstall.exe [2013-03-21 1061960]
"cz.seznam.software.szndesktop"=C:\Users\Meny\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

C:\Users\Meny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\mocaflix\sprote~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"VIDC.FMVC"=fmcodec.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.tscc"=tsccvid.dll
"msacm.l3codec"=l3codecp.acm
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-05-17 14:36:11 ----D---- C:\rsit
2013-05-17 12:47:51 ----D---- C:\Program Files\trend micro
2013-05-15 15:30:33 ----A---- C:\Windows\system32\jscript.dll
2013-05-15 15:30:32 ----A---- C:\Windows\system32\jscript9.dll
2013-05-15 15:30:31 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-15 15:30:31 ----A---- C:\Windows\system32\iesetup.dll
2013-05-15 15:30:30 ----A---- C:\Windows\system32\ieui.dll
2013-05-15 15:30:29 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-05-15 15:30:29 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-15 15:30:29 ----A---- C:\Windows\system32\iernonce.dll
2013-05-15 15:30:29 ----A---- C:\Windows\system32\ie4uinit.exe
2013-05-15 15:30:28 ----A---- C:\Windows\system32\urlmon.dll
2013-05-15 15:30:28 ----A---- C:\Windows\system32\iesysprep.dll
2013-05-15 15:30:27 ----A---- C:\Windows\system32\iertutil.dll
2013-05-15 15:30:24 ----A---- C:\Windows\system32\wininet.dll
2013-05-15 15:30:22 ----A---- C:\Windows\system32\ieframe.dll
2013-05-15 15:30:17 ----A---- C:\Windows\system32\mshtml.dll
2013-05-15 15:05:40 ----A---- C:\Windows\system32\wwansvc.dll
2013-05-15 15:05:39 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-05-15 15:05:36 ----A---- C:\Windows\system32\win32k.sys
2013-05-15 15:05:19 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-05-15 15:05:19 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-05-15 15:05:12 ----A---- C:\Windows\system32\shell32.dll
2013-05-15 15:05:10 ----A---- C:\Windows\system32\consent.exe
2013-05-15 15:05:10 ----A---- C:\Windows\system32\authui.dll
2013-05-15 15:05:09 ----A---- C:\Windows\system32\shdocvw.dll
2013-05-15 15:05:09 ----A---- C:\Windows\system32\appinfo.dll
2013-04-23 19:48:01 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-19 21:15:06 ----D---- C:\Program Files\Common Files\Java
2013-04-19 21:14:41 ----A---- C:\Windows\system32\javaws.exe
2013-04-19 21:14:32 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-04-19 21:14:32 ----A---- C:\Windows\system32\javaw.exe
2013-04-19 21:14:32 ----A---- C:\Windows\system32\java.exe

======List of files/folders modified in the last 1 month======

2013-05-17 14:36:08 ----D---- C:\Windows\Temp
2013-05-17 14:33:10 ----RD---- C:\Program Files
2013-05-17 14:26:22 ----D---- C:\Users\Meny\AppData\Roaming\Seznam.cz
2013-05-17 14:20:39 ----D---- C:\Windows\system32\Tasks
2013-05-17 14:20:38 ----D---- C:\Windows\Tasks
2013-05-17 14:18:59 ----D---- C:\ProgramData\NVIDIA
2013-05-17 13:40:18 ----D---- C:\Users\Meny\AppData\Roaming\uTorrent
2013-05-17 13:19:13 ----D---- C:\Users\Meny\AppData\Roaming\Skype
2013-05-17 10:33:17 ----D---- C:\Windows\system32\config
2013-05-16 07:50:26 ----D---- C:\Program Files\SUPERAntiSpyware
2013-05-15 19:57:08 ----RSD---- C:\Windows\assembly
2013-05-15 19:57:08 ----D---- C:\Windows\Microsoft.NET
2013-05-15 18:54:09 ----SHD---- C:\Windows\Installer
2013-05-15 18:52:39 ----D---- C:\Windows\System32
2013-05-15 16:18:19 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-05-15 15:49:09 ----D---- C:\Windows\winsxs
2013-05-15 15:48:58 ----D---- C:\Windows\Panther
2013-05-15 15:37:18 ----D---- C:\Program Files\Internet Explorer
2013-05-15 15:37:17 ----D---- C:\Windows\system32\drivers
2013-05-15 15:37:17 ----D---- C:\Windows\system32\cs-CZ
2013-05-15 15:37:17 ----D---- C:\Windows\AppPatch
2013-05-15 15:30:51 ----D---- C:\Windows\system32\catroot
2013-05-15 15:30:50 ----D---- C:\Windows\system32\catroot2
2013-05-15 15:27:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-15 15:27:45 ----D---- C:\Windows\inf
2013-05-15 15:26:35 ----D---- C:\ProgramData\Microsoft Help
2013-05-15 15:22:09 ----D---- C:\Windows\debug
2013-05-15 15:22:02 ----A---- C:\Windows\system32\MRT.exe
2013-05-15 15:19:57 ----SHD---- C:\System Volume Information
2013-05-15 14:55:12 ----D---- C:\Windows\Prefetch
2013-05-14 17:42:32 ----D---- C:\Users\Meny\AppData\Roaming\SimpleTV V03
2013-05-14 17:28:51 ----D---- C:\Users\Meny\AppData\Roaming\vlc
2013-05-14 14:05:19 ----D---- C:\Windows
2013-05-12 19:29:50 ----D---- C:\Windows\system32\wdi
2013-05-09 20:02:28 ----D---- C:\Windows\rescache
2013-05-09 10:58:28 ----A---- C:\Windows\system32\aswBoot.exe
2013-05-07 08:32:26 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-05-06 23:52:03 ----D---- C:\Program Files\Mozilla Firefox
2013-05-05 11:15:19 ----D---- C:\Program Files\Google
2013-05-02 02:06:08 ----N---- C:\Windows\system32\MpSigStub.exe
2013-04-28 14:01:58 ----D---- C:\Windows\Logs
2013-04-28 13:51:48 ----D---- C:\Program Files\CCleaner
2013-04-19 21:15:06 ----D---- C:\Program Files\Common Files
2013-04-19 21:14:21 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-04-19 21:14:21 ----A---- C:\Windows\system32\deployJava1.dll
2013-04-18 21:04:10 ----D---- C:\FFOutput

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-05-09 174664]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 14392]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-31 20624]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 61680]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-05-09 765736]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-05-09 368944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2012-09-09 231760]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-12-22 25416]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2012-07-03 149352]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-12-22 278728]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2004-10-25 21664]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-09-07 116608]
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-03-14 84520]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 639776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-10-23 2848168]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-05 116648]
S2 NPVR Recording Service;NPVR Recording Service; C:\Program Files\NPVR\NRecord.exe []
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-15 256904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-05 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-11 115608]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-18 1343400]

-----------------EOF-----------------

Re: Log check

Posted: 17 May 2013 16:38
by vyosek
Hello

Just to ask: are you using a legal operating system? The top-tier Ultimate license is not exactly common.

Re: Log check

Posted: 17 May 2013 16:51
by mene888
I bought it from a private individual who manages computers for companies, for a good price.

Re: Log check

Posted: 17 May 2013 16:58
by mene888
As a complete PC, that is, but I still had to invest in a graphics card, which was dead.

Re: Log check

Posted: 17 May 2013 19:26
by vyosek
That is all very nice, but somehow you did not answer my question :?:

Re: Log check

Posted: 17 May 2013 19:56
by mene888
I ran the system validation, the Windows activation update was downloaded, and this came up: http://i.imgur.com/O4k5j8v.jpg. Otherwise I know nothing about its origin.

Re: Log check

Posted: 17 May 2013 22:28
by vyosek
:arrow: Download OTL from http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator ("Spustit jako spravce")
  • If you use a 64-bit OS, check whether the "For 64-bit OS" box is ticked; if not, tick it
  • Tick the "For all users" box
  • Tick the "LOP" malware check box
  • Tick the "Purity" malware check box
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom "Custom scans/fixes" box
  • Code:

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    services.exe
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the Scan button
  • When the scan finishes (about 10 to 15 minutes), the OTL.txt and Extras.txt logs will appear; paste both here
  • If the logs are long (the forum will complain about exceeding the maximum number of characters), split them across several posts

Re: Log check

Posted: 20 May 2013 17:23
by mene888
OTL logfile created on: 20.5.2013 17:34:05 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Meny\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,30 Gb Available Physical Memory | 15,08% Memory free
4,00 Gb Paging File | 1,54 Gb Available in Paging File | 38,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 40,71 Gb Free Space | 41,69% Space Free | Partition Type: NTFS
Drive U: | 51,39 Gb Total Space | 7,31 Gb Free Space | 14,23% Space Free | Partition Type: NTFS

Computer Name: MENY-PC | User Name: Meny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.05.18 00:01:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Meny\Downloads\OTL.exe
PRC - [2013.05.16 07:50:26 | 004,760,816 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2013.05.15 16:18:19 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.05.09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.04.15 18:41:26 | 000,027,256 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\tsengine.exe
PRC - [2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
PRC - [2013.04.10 08:56:41 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.02.13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2013.01.18 16:21:02 | 000,873,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013.01.18 16:21:00 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.01.08 09:59:20 | 000,228,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
PRC - [2012.11.23 10:22:04 | 000,307,712 | ---- | M] (FileHippo.com) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.10.26 15:43:52 | 000,026,232 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\tsupdate.exe
PRC - [2012.10.23 11:47:48 | 002,848,168 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.09.09 09:41:16 | 001,516,496 | ---- | M] (TrueCrypt Foundation) -- C:\Program Files\TrueCrypt\TrueCrypt.exe
PRC - [2012.09.07 21:53:12 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2012.01.20 21:03:48 | 000,719,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2012.01.10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\postak.exe
PRC - [2011.04.12 11:58:04 | 000,222,776 | ---- | M] (Software602) -- C:\Program Files\Software602\Print2PDF\Print2PDF.exe
PRC - [2011.03.14 11:59:40 | 000,084,520 | ---- | M] (Software602 a.s.) -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe


========== Modules (No Company Name) ==========

MOD - [2013.05.15 16:18:18 | 016,033,160 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2013.05.15 15:52:09 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013.05.15 15:51:02 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013.04.15 18:41:26 | 000,027,256 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\tsengine.exe
MOD - [2013.04.12 10:14:26 | 001,657,368 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\Seznam.cz\bin\libfoxcub.dll
MOD - [2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
MOD - [2013.04.10 08:56:55 | 003,133,336 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.03.29 13:37:34 | 000,059,384 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\Seznam.cz\bin\431libfoxloader.dll
MOD - [2013.03.25 16:39:52 | 000,894,968 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
MOD - [2013.02.13 14:10:09 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll
MOD - [2013.02.13 12:57:59 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013.02.13 04:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013.02.13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2013.01.29 18:20:40 | 000,082,944 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\cpyamf.util.pyd
MOD - [2013.01.29 18:20:40 | 000,066,048 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\cpyamf.amf0.pyd
MOD - [2013.01.09 13:57:46 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.09 13:56:07 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.09 13:54:32 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.09 13:54:02 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.09 13:52:08 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012.11.14 18:00:08 | 000,018,944 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\pycompat.pyd
MOD - [2012.10.26 15:43:52 | 000,026,232 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\tsupdate.exe
MOD - [2012.02.07 18:38:58 | 000,358,912 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\pythoncom27.dll
MOD - [2012.02.07 18:38:58 | 000,358,912 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\pythoncom27.dll
MOD - [2012.02.07 18:37:24 | 000,098,816 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\win32api.pyd
MOD - [2012.02.07 18:37:24 | 000,098,816 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\win32api.pyd
MOD - [2012.02.07 18:36:30 | 000,024,064 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\win32pdh.pyd
MOD - [2012.02.07 18:36:30 | 000,024,064 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\win32pdh.pyd
MOD - [2012.02.07 18:36:08 | 000,111,616 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\win32file.pyd
MOD - [2012.02.07 18:36:08 | 000,111,616 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\win32file.pyd
MOD - [2012.02.07 18:35:46 | 000,110,080 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\pywintypes27.dll
MOD - [2012.02.07 18:35:46 | 000,110,080 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\pywintypes27.dll
MOD - [2012.01.10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\postak.exe
MOD - [2012.01.10 14:51:40 | 000,822,816 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\email.4.dll
MOD - [2012.01.10 14:51:14 | 001,151,520 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\core.4.dll
MOD - [2011.07.15 21:38:22 | 000,674,816 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\wx._misc_.pyd
MOD - [2011.07.15 21:38:22 | 000,674,816 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\wx._misc_.pyd
MOD - [2011.07.15 21:38:12 | 000,966,144 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\wx._controls_.pyd
MOD - [2011.07.15 21:38:12 | 000,966,144 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\wx._controls_.pyd
MOD - [2011.07.15 21:38:06 | 000,670,720 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\wx._windows_.pyd
MOD - [2011.07.15 21:38:06 | 000,670,720 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\wx._windows_.pyd
MOD - [2011.07.15 21:38:00 | 000,746,496 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\wx._gdi_.pyd
MOD - [2011.07.15 21:38:00 | 000,746,496 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\wx._gdi_.pyd
MOD - [2011.07.15 21:37:48 | 000,981,504 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\wx._core_.pyd
MOD - [2011.07.15 21:37:48 | 000,981,504 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\wx._core_.pyd
MOD - [2011.07.15 21:34:26 | 000,479,744 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\wxmsw28uh_html_vc.dll
MOD - [2011.07.15 21:34:26 | 000,479,744 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\wxmsw28uh_html_vc.dll
MOD - [2011.07.15 21:34:16 | 000,730,112 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\wxmsw28uh_adv_vc.dll
MOD - [2011.07.15 21:34:16 | 000,730,112 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\wxmsw28uh_adv_vc.dll
MOD - [2011.07.15 21:34:10 | 003,165,184 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\wxmsw28uh_core_vc.dll
MOD - [2011.07.15 21:34:10 | 003,165,184 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\wxmsw28uh_core_vc.dll
MOD - [2011.07.15 21:33:40 | 000,122,368 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\wxbase28uh_net_vc.dll
MOD - [2011.07.15 21:33:40 | 000,122,368 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\wxbase28uh_net_vc.dll
MOD - [2011.07.15 21:33:38 | 001,300,992 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\wxbase28uh_vc.dll
MOD - [2011.07.15 21:33:38 | 001,300,992 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\wxbase28uh_vc.dll
MOD - [2011.06.12 15:09:18 | 000,720,896 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\_ssl.pyd
MOD - [2011.06.12 15:09:18 | 000,720,896 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\_ssl.pyd
MOD - [2011.06.12 15:09:18 | 000,038,400 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\_socket.pyd
MOD - [2011.06.12 15:09:18 | 000,038,400 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\_socket.pyd
MOD - [2011.06.12 15:06:24 | 000,152,576 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\pyexpat.pyd
MOD - [2011.06.12 15:06:24 | 000,152,576 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\pyexpat.pyd
MOD - [2011.06.12 15:06:22 | 000,287,232 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\_hashlib.pyd
MOD - [2011.06.12 15:06:22 | 000,287,232 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\_hashlib.pyd
MOD - [2011.06.12 15:06:22 | 000,106,496 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\_ctypes.pyd
MOD - [2011.06.12 15:06:22 | 000,011,776 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\select.pyd
MOD - [2011.06.12 15:06:22 | 000,011,776 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\select.pyd
MOD - [2011.06.12 15:06:20 | 000,688,128 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\unicodedata.pyd
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011.02.13 17:02:12 | 000,031,232 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\Crypto.Cipher.AES.pyd
MOD - [2011.01.18 23:56:22 | 000,334,336 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\lib\M2Crypto.__m2crypto.pyd
MOD - [2011.01.18 23:56:22 | 000,334,336 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\M2Crypto.__m2crypto.pyd
MOD - [2010.12.02 03:13:18 | 000,214,528 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\Software602.dll
MOD - [2010.11.13 04:37:03 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.10.11 00:23:52 | 000,723,968 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\lib\apsw.pyd
MOD - [2010.07.04 23:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
MOD - [2007.09.02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\NPVR\NRecord.exe -- (NPVR Recording Service)
SRV - [2013.05.15 16:18:20 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.04.11 20:52:55 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.28 19:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.02.26 00:22:34 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.10.23 11:47:48 | 002,848,168 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.09.20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012.09.07 21:53:12 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012.08.18 13:56:33 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011.03.14 11:59:40 | 000,084,520 | ---- | M] (Software602 a.s.) [Auto | Running] -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService)
DRV - [2013.05.09 10:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.05.09 10:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.05.09 10:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.05.09 10:59:10 | 000,061,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013.05.09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.05.09 10:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.05.09 10:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.05.09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013.02.26 00:22:06 | 008,939,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.12.22 18:11:16 | 000,278,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2012.12.22 18:09:48 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2012.10.31 00:51:56 | 000,020,624 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012.09.09 09:41:17 | 000,231,760 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2012.08.23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.08.23 16:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012.07.03 17:25:17 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011.08.17 09:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 09:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.17 09:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 09:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.07.04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009.05.05 12:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2004.08.13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.mocaflix.com/?l=1&q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.msn.com/?ocid=EIE9HP&PC=UP50
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\..\SearchScopes,DefaultScope = {B4043DF7-056F-46EF-96B7-4904DF26B2D6}
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\..\SearchScopes\{05C36703-1AFF-4903-ADFC-8FC413C7DC40}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\..\SearchScopes\{330537B4-9412-416A-84B4-B6E060C1ECAC}: "URL" = http://www.bing.com/search?FORM=UP50DF& ... -SearchBox
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\..\SearchScopes\{33668B2D-6EEC-4C76-832A-268D450A778F}: "URL" = http://encyklopedie.seznam.cz/search?q= ... kSearch_12
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\..\SearchScopes\{3ABCD850-6859-4668-965C-021BA1BE157C}: "URL" = http://start.funmoods.com/results.php?f ... earchTerms}
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\..\SearchScopes\{44890A7B-E3E6-4033-A233-3663FB749FA2}: "URL" = http://www.mapy.cz/?query={searchTerms} ... kSearch_12
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\..\SearchScopes\{58083AF3-7041-4EA3-B1AC-1B5C82068997}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... kSearch_12
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\..\SearchScopes\{6F77FF3A-BF3C-4AAD-A5F6-5825457E8FE4}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... kSearch_12
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\..\SearchScopes\{794E0072-8D12-450D-8C30-D2BC9E4AA8B5}: "URL" = http://www.firmy.cz/?q={searchTerms}&so ... kSearch_12
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\..\SearchScopes\{A5D78029-835D-445A-9D08-91BF07B2FE20}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... kSearch_12
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\..\SearchScopes\{B4043DF7-056F-46EF-96B7-4904DF26B2D6}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\..\SearchScopes\{B9B97963-9B3E-401C-B051-48D6FF1289AE}: "URL" = http://search.seznam.cz/?q={searchTerms ... kSearch_12
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.mocaflix.com/?l=1&q={searchTerms}
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\..\SearchScopes\{E2C1A08D-0C4A-4776-ABBE-D5A66EDB4B4C}: "URL" = http://www.novinky.cz/hledej?w={searchT ... kSearch_12
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\..\SearchScopes\{E719C3B2-AFAF-446C-A110-2D40E8FD46CD}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... kSearch_12
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "WebSearch"
FF - prefs.js..browser.search.defaultenginename,S: S", "WebSearch"
FF - prefs.js..browser.search.defaulturl: "http://websearch.mocaflix.com/?l=1&q="
FF - prefs.js..browser.search.order.1: "WebSearch"
FF - prefs.js..browser.search.order.1,S: S", "WebSearch"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngine,S: S", "WebSearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: magicplayer%40torrentstream.org:1.1.22
FF - prefs.js..extensions.enabledAddons: %7BBAEBEF65-9289-47c5-8524-C345CC5D860D%7D:1.12
FF - prefs.js..extensions.enabledAddons: %7B800b5000-a755-47e1-992b-48a1c1357f07%7D:1.5.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.5.3&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Meny\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Meny\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=2.0.8.9: C:\Users\Meny\AppData\Roaming\TorrentStream\player\npts_plugin.dll (Innovative Digital Technologies)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.05.14 14:05:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.02.17 10:54:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.05.06 22:17:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.15 18:53:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\magicplayer@torrentstream.org: C:\Users\Meny\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org [2013.04.02 18:55:17 | 000,000,000 | ---D | M]

[2012.08.12 22:53:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Meny\AppData\Roaming\Mozilla\Extensions
[2013.05.19 09:59:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Meny\AppData\Roaming\Mozilla\Firefox\Profiles\y2eykvkp.default\extensions
[2013.05.19 09:59:48 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Meny\AppData\Roaming\Mozilla\Firefox\Profiles\y2eykvkp.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2013.04.08 09:45:25 | 000,154,271 | ---- | M] () (No name found) -- C:\Users\Meny\AppData\Roaming\Mozilla\Firefox\Profiles\y2eykvkp.default\extensions\{BAEBEF65-9289-47c5-8524-C345CC5D860D}.xpi
[2013.05.09 13:32:47 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Meny\AppData\Roaming\Mozilla\Firefox\Profiles\y2eykvkp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.08.14 17:54:46 | 000,001,799 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\Mozilla\Firefox\Profiles\y2eykvkp.default\searchplugins\funmoods.xml
[2013.05.18 18:16:55 | 000,002,342 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\Mozilla\Firefox\Profiles\y2eykvkp.default\searchplugins\icq-search.xml
[2013.05.19 02:52:11 | 000,000,168 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\Mozilla\Firefox\Profiles\y2eykvkp.default\searchplugins\icqplugin.gif
[2013.05.19 02:52:12 | 000,000,618 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\Mozilla\Firefox\Profiles\y2eykvkp.default\searchplugins\icqplugin.src
[2013.05.06 22:17:47 | 000,007,756 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\Mozilla\Firefox\Profiles\y2eykvkp.default\searchplugins\WebSearch.xml
[2013.05.06 22:17:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.05.06 22:17:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2013.05.06 22:17:11 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013.04.02 18:55:17 | 000,000,000 | ---D | M] (TS Magic Player) -- C:\USERS\MENY\APPDATA\ROAMING\TORRENTSTREAM\EXTENSIONS\FIREFOX\MAGICPLAYER@TORRENTSTREAM.ORG
[2013.04.10 08:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.04.10 12:37:04 | 000,002,421 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2013.04.10 12:37:04 | 000,000,851 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.04.10 12:37:04 | 000,001,580 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2013.04.10 12:37:04 | 000,000,867 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.04.10 12:37:04 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Centrum.cz (Enabled)
CHR - default_search_provider: search_url = http://search.centrum.cz/index.php?char ... earchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.centrum.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Meny\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Meny\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Meny\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Meny\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Meny\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - Extension: Complitly plugin for chrome = C:\Users\Meny\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_0\
CHR - Extension: Browse2save = C:\Users\Meny\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedmelgffpplandebchdkcpmbgphdolc\3.8_0\
CHR - Extension: avast! Online Security = C:\Users\Meny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.6_0\
CHR - Extension: Centrum.cz Email Notifik\u00E1tor = C:\Users\Meny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmmnahgmbjnpgdoadbfoficgoamahklm\0.0.7.0_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Meny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Meny\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Browse2save Class) - {33D59158-D52B-5A07-3014-012D98F9F451} - C:\ProgramData\Browse2save\50c878df86582.ocx ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Ukazatel S-Rank) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\core.4.dll ()
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Print2PDF Print Monitor] C:\Program Files\Software602\Print2PDF\Print2PDF.exe (Software602)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-4249612379-790485995-3687962752-1002..\Run: [cz.seznam.software.autoupdate] C:\Users\Meny\AppData\Roaming\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-4249612379-790485995-3687962752-1002..\Run: [cz.seznam.software.szndesktop] C:\Users\Meny\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe ()
O4 - HKU\S-1-5-21-4249612379-790485995-3687962752-1002..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-4249612379-790485995-3687962752-1002..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-4249612379-790485995-3687962752-1002..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-4249612379-790485995-3687962752-1002..\Run: [Seznam Postak] C:\Program Files\Seznam.cz\bin\postak.exe ()
O4 - HKU\S-1-5-21-4249612379-790485995-3687962752-1002..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-4249612379-790485995-3687962752-1002..\Run: [TorrentStream] C:\Users\Meny\AppData\Roaming\TorrentStream\engine\tsengine.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Meny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4249612379-790485995-3687962752-1002\..Trusted Domains: localhost ([]http in Internet)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2D62CCB-D358-4E6C-A54E-E18C439CEFD0}: DhcpNameServer = 192.168.100.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~1\mocaflix\sprote~1.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.LAGS - C:\Windows\System32\LAGARITH.DLL ( )
Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.05.20 15:18:32 | 000,000,000 | ---D | C] -- C:\Users\Meny\AppData\Roaming\vlc
[2013.05.20 15:18:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.05.18 18:33:22 | 000,000,000 | ---D | C] -- C:\Users\Meny\Documents\ICQ
[2013.05.18 18:16:46 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6Toolbar
[2013.05.18 18:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2013.05.18 18:16:26 | 000,000,000 | ---D | C] -- C:\Users\Meny\AppData\Roaming\ICQ Search
[2013.05.17 14:36:11 | 000,000,000 | ---D | C] -- C:\rsit
[2013.05.17 12:47:51 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.05.15 15:49:46 | 000,000,000 | R--D | C] -- C:\Users\Meny\Saved Games
[2013.05.15 15:30:34 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.05.15 15:30:32 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.05.15 15:30:31 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.05.15 15:30:31 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.05.15 15:30:30 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.05.15 15:30:29 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.05.15 15:30:29 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.05.15 15:30:29 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.05.15 15:30:29 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.05.15 15:30:28 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.05.15 15:05:39 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2013.05.15 15:05:36 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.05.15 15:05:19 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2013.05.15 15:05:10 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013.05.15 15:05:10 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[149 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.05.20 17:39:28 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.05.20 17:28:02 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.20 17:18:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.20 17:14:00 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4249612379-790485995-3687962752-1002UA.job
[2013.05.20 15:14:06 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4249612379-790485995-3687962752-1002Core1cd965e237ba7fc.job
[2013.05.20 15:08:07 | 000,020,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.20 15:08:07 | 000,020,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.20 15:03:53 | 000,000,268 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013.05.20 15:01:56 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.20 15:01:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.20 15:01:39 | 1609,912,320 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.19 11:22:32 | 000,068,596 | ---- | M] () -- C:\Users\Meny\Desktop\311054_511950618862646_727438523_n.jpg
[2013.05.19 10:15:01 | 000,032,388 | ---- | M] () -- C:\Users\Meny\Desktop\970062_10151481026794473_370344344_n.jpg
[2013.05.18 18:38:34 | 000,014,641 | ---- | M] () -- C:\Users\Meny\Desktop\chyba.JPG
[2013.05.18 17:47:16 | 000,029,468 | ---- | M] () -- C:\Users\Meny\Desktop\DATA.JPG
[2013.05.18 16:17:42 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.05.18 16:17:42 | 000,495,368 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.05.18 16:17:42 | 000,121,708 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.05.18 16:17:42 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.05.18 09:15:00 | 000,000,278 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job
[2013.05.17 18:59:48 | 000,169,379 | ---- | M] () -- C:\Users\Meny\Desktop\Výstřižek5.JPG
[2013.05.17 18:25:56 | 000,152,590 | ---- | M] () -- C:\Users\Meny\Desktop\255720_582524441769787_2055923435_n.jpg
[2013.05.17 18:09:55 | 000,120,940 | ---- | M] () -- C:\Users\Meny\Desktop\374307_586551891367042_326307402_n.jpg
[2013.05.17 14:27:24 | 000,026,124 | ---- | M] () -- C:\Users\Meny\Desktop\ovl.JPG
[2013.05.16 08:08:37 | 000,082,390 | ---- | M] () -- C:\Users\Meny\Desktop\943743_584884428200455_1731218473_n.jpg
[2013.05.16 08:07:23 | 000,154,577 | ---- | M] () -- C:\Users\Meny\Desktop\417830_585351328153765_1080585551_n.jpg
[2013.05.16 08:05:57 | 000,122,579 | ---- | M] () -- C:\Users\Meny\Desktop\179918_586183998070498_1253114472_n.jpg
[2013.05.15 19:19:49 | 000,045,910 | ---- | M] () -- C:\Users\Meny\Desktop\81.JPG
[2013.05.15 16:18:19 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.05.15 16:18:19 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.05.15 15:47:55 | 003,765,208 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.14 14:05:21 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[149 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

Re: Log check

Posted: 20 May 2013 17:24
by mene888
========== Files Created - No Company Name ==========

[2013.05.19 11:22:29 | 000,068,596 | ---- | C] () -- C:\Users\Meny\Desktop\311054_511950618862646_727438523_n.jpg
[2013.05.19 10:29:31 | 000,032,388 | ---- | C] () -- C:\Users\Meny\Desktop\970062_10151481026794473_370344344_n.jpg
[2013.05.18 18:38:33 | 000,014,641 | ---- | C] () -- C:\Users\Meny\Desktop\chyba.JPG
[2013.05.18 17:47:16 | 000,029,468 | ---- | C] () -- C:\Users\Meny\Desktop\DATA.JPG
[2013.05.18 17:35:46 | 004,826,609 | ---- | C] () -- C:\Users\Meny\Desktop\P1020686.JPG
[2013.05.18 00:08:51 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.05.17 18:59:47 | 000,169,379 | ---- | C] () -- C:\Users\Meny\Desktop\Výstřižek5.JPG
[2013.05.17 18:25:46 | 000,152,590 | ---- | C] () -- C:\Users\Meny\Desktop\255720_582524441769787_2055923435_n.jpg
[2013.05.17 18:09:51 | 000,120,940 | ---- | C] () -- C:\Users\Meny\Desktop\374307_586551891367042_326307402_n.jpg
[2013.05.17 14:27:20 | 000,026,124 | ---- | C] () -- C:\Users\Meny\Desktop\ovl.JPG
[2013.05.16 08:08:36 | 000,082,390 | ---- | C] () -- C:\Users\Meny\Desktop\943743_584884428200455_1731218473_n.jpg
[2013.05.16 08:07:21 | 000,154,577 | ---- | C] () -- C:\Users\Meny\Desktop\417830_585351328153765_1080585551_n.jpg
[2013.05.16 08:05:52 | 000,122,579 | ---- | C] () -- C:\Users\Meny\Desktop\179918_586183998070498_1253114472_n.jpg
[2013.05.15 19:19:49 | 000,045,910 | ---- | C] () -- C:\Users\Meny\Desktop\81.JPG
[2013.04.11 14:17:06 | 000,000,430 | ---- | C] () -- C:\Users\Meny\.swfinfo
[2013.04.07 14:09:41 | 000,143,836 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2013.03.16 10:47:36 | 000,174,664 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.03.16 10:47:35 | 000,049,376 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.03.13 23:28:47 | 000,001,486 | ---- | C] () -- C:\Users\Meny\AppData\Local\recently-used.xbel
[2013.02.27 16:51:09 | 000,751,141 | ---- | C] () -- C:\Windows\unins000.exe
[2013.02.27 16:51:08 | 000,060,006 | ---- | C] () -- C:\Windows\unins000.dat
[2013.01.22 11:27:47 | 000,000,600 | ---- | C] () -- C:\Users\Meny\PUTTY.RND
[2013.01.07 14:44:24 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2012.12.22 18:11:15 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2012.12.22 18:09:47 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2012.12.14 01:00:21 | 000,000,132 | ---- | C] () -- C:\Users\Meny\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2012.10.01 15:28:51 | 000,007,168 | ---- | C] () -- C:\Users\Meny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.12 15:56:25 | 000,003,972 | ---- | C] () -- C:\Windows\System32\drivers\PciBus.sys
[2012.09.12 15:44:31 | 002,953,448 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2012.08.24 01:12:04 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\LAGARITH.DLL
[2012.08.24 01:12:03 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012.08.24 01:12:03 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2012.08.24 01:12:01 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012.08.24 01:11:54 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012.08.22 10:04:09 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012.08.22 10:01:13 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.08.16 16:28:17 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.08.13 18:24:42 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2012.07.25 13:00:18 | 001,129,312 | ---- | C] () -- C:\Windows\System32\602convert.dll
[2011.06.10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.04.03 14:00:37 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\.Torrent Stream
[2013.03.26 11:05:42 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\602Installer
[2013.03.26 11:06:49 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\602XML
[2012.08.24 22:48:11 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Ashampoo
[2013.03.16 15:27:13 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Audacity
[2013.02.21 18:13:27 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.12.01 11:48:19 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Complitly
[2012.11.15 11:34:44 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\DBC2F6FD-3140-41E0-A2A1-D6BAB77D5E21__F893F7CA-8278-41DF-A76F-CAF0437A90CD__
[2012.12.12 21:22:58 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\dll-files.com
[2013.01.31 03:31:10 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\esmska
[2013.05.18 18:16:27 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\ICQ Search
[2012.12.23 17:42:08 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\IrfanView
[2012.08.25 09:37:58 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Opera
[2012.12.12 14:35:00 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Optimizer Pro
[2012.11.16 14:40:00 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\PhotoFiltre 7
[2012.12.22 18:00:45 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\ProtectDISC
[2012.12.13 17:43:45 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Registry Mechanic
[2013.05.20 15:08:20 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Seznam.cz
[2013.05.14 17:42:32 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\SimpleTV V03
[2012.12.15 00:57:06 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.11.26 01:50:56 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\TeamViewer
[2012.11.08 11:34:11 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Thinstall
[2012.09.09 10:47:49 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\TrueCrypt
[2013.05.17 13:40:18 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\uTorrent
[2012.08.16 18:15:47 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\VitySoft
[2012.09.03 17:11:04 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\YouTube Downloader

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,032,582 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.08.12 22:52:13 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.08.17 17:16:54 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4249612379-790485995-3687962752-1002Core1cd7c8b55ce7637.job
[2012.09.19 13:58:53 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4249612379-790485995-3687962752-1002Core1cd965e237ba7fc.job
[2012.09.19 13:58:54 | 000,000,958 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4249612379-790485995-3687962752-1002UA.job
[2012.12.12 21:23:13 | 000,000,262 | ---- | C] () -- C:\Windows\Tasks\DLL-files.com Fixer_MONTHLY.job
[2012.12.12 21:23:14 | 000,000,278 | ---- | C] () -- C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job
[2013.02.25 18:24:16 | 000,000,268 | ---- | C] () -- C:\Windows\Tasks\AutoKMS.job
[2013.05.05 11:13:44 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.05.05 11:13:46 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2012.08.22 19:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 07:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013.01.04 06:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2012.03.30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\System32\drivers\tcpip.sys
[2013.01.03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012.08.22 19:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2013.01.04 06:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2012.10.03 18:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2012.10.03 18:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\0a635572\38fd2de4\*.tmp files -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\0a635572\38fd2de4\*.tmp -> ]
[149 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[18 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.04.03 14:00:37 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\.Torrent Stream
[2013.03.26 11:05:42 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\602Installer
[2013.03.26 11:06:49 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\602XML
[2013.03.15 19:12:16 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Adobe
[2012.12.15 00:57:07 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Adobe Mini Bridge CS5
[2012.08.24 22:48:11 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Ashampoo
[2013.03.16 15:27:13 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Audacity
[2013.02.21 18:13:27 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.12.01 11:48:19 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Complitly
[2012.11.15 11:34:44 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\DBC2F6FD-3140-41E0-A2A1-D6BAB77D5E21__F893F7CA-8278-41DF-A76F-CAF0437A90CD__
[2012.11.30 17:09:37 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\DivX
[2012.12.12 21:22:58 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\dll-files.com
[2013.01.31 03:31:10 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\esmska
[2012.12.06 17:04:46 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\FastStone
[2013.05.18 18:16:27 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\ICQ Search
[2012.08.12 17:33:47 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Identities
[2012.09.06 00:06:35 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\InstallShield
[2012.12.23 17:42:08 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\IrfanView
[2012.08.12 22:52:19 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Macromedia
[2009.07.14 11:20:06 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Media Center Programs
[2013.02.02 13:58:37 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Media Player Classic
[2013.04.08 16:24:04 | 000,000,000 | --SD | M] -- C:\Users\Meny\AppData\Roaming\Microsoft
[2012.08.12 22:53:58 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Mozilla
[2012.09.03 20:58:15 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\NVIDIA
[2012.08.25 09:37:58 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Opera
[2012.12.12 14:35:00 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Optimizer Pro
[2012.11.16 14:40:00 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\PhotoFiltre 7
[2012.12.22 18:00:45 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\ProtectDISC
[2012.09.02 11:38:18 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Real
[2012.12.13 17:43:45 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Registry Mechanic
[2013.05.20 15:08:20 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Seznam.cz
[2013.05.14 17:42:32 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\SimpleTV V03
[2013.05.20 17:04:08 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Skype
[2012.09.20 16:02:34 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\skypePM
[2012.12.15 00:57:06 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.08.27 09:18:55 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\SUPERAntiSpyware.com
[2012.11.26 01:50:56 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\TeamViewer
[2012.11.08 11:34:11 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\Thinstall
[2013.04.01 20:43:03 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\TorrentStream
[2012.09.09 10:47:49 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\TrueCrypt
[2013.05.17 13:40:18 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\uTorrent
[2012.08.16 18:15:47 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\VitySoft
[2013.05.20 15:19:14 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\vlc
[2012.08.13 01:10:12 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\WinRAR
[2012.09.03 17:11:04 | 000,000,000 | ---D | M] -- C:\Users\Meny\AppData\Roaming\YouTube Downloader

< %APPDATA%\*.exe /s >
[2012.11.30 03:19:22 | 000,092,888 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\Complitly\KeepMeUpdated.exe
[2012.11.30 03:19:22 | 000,092,888 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\Complitly\64\KeepMeUpdated.exe
[2013.04.12 00:51:38 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Meny\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2013.03.21 11:26:26 | 001,061,960 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.03.27 14:09:44 | 002,582,600 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.15 13:34:14 | 000,045,560 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013.04.12 10:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2012.11.08 11:35:04 | 000,007,168 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\Thinstall\FunPhotor 2008\400000115300002i\FunPhotor.exe
[2013.04.01 20:41:04 | 000,150,282 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\Uninstall.exe
[2013.04.02 16:56:42 | 000,028,416 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\.data\engine2\backup\last\tsengine.exe
[2013.04.02 16:56:42 | 000,028,416 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\.data\engine2\backup\last\tsengine_stream.exe
[2013.04.02 16:56:42 | 000,028,416 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\.data\engine2\download\2.0.8.11\tsengine.exe
[2013.04.02 16:56:42 | 000,028,416 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\.data\engine2\download\2.0.8.11\tsengine_stream.exe
[2013.04.15 18:41:26 | 000,027,256 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\.data\engine2\download\2.0.8.12\tsengine.exe
[2013.04.15 18:41:26 | 000,027,256 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\.data\engine2\download\2.0.8.12\tsengine_stream.exe
[2013.04.15 18:41:26 | 000,027,256 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\tsengine.exe
[2013.04.15 18:41:26 | 000,027,256 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\tsengine_stream.exe
[2011.06.12 15:05:52 | 000,049,664 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\engine\w9xpopen.exe
[2012.11.29 15:56:24 | 000,098,936 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\player\tsplayer.exe
[2012.11.29 15:56:24 | 000,039,544 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\player\vlc-cache-gen.exe
[2012.10.26 15:43:52 | 000,026,232 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\tsupdate.exe
[2011.06.12 15:05:52 | 000,049,664 | ---- | M] () -- C:\Users\Meny\AppData\Roaming\TorrentStream\updater\w9xpopen.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[149 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2013.05.20 17:18:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.05.20 15:03:53 | 000,000,268 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2013.03.13 10:15:00 | 000,000,262 | ---- | M] () -- C:\Windows\Tasks\DLL-files.com Fixer_MONTHLY.job
[2013.05.18 09:15:00 | 000,000,278 | ---- | M] () -- C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job
[2013.05.20 15:01:56 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.05.20 17:28:02 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.08.17 17:16:54 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4249612379-790485995-3687962752-1002Core1cd7c8b55ce7637.job
[2013.05.20 15:14:06 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4249612379-790485995-3687962752-1002Core1cd965e237ba7fc.job
[2013.05.20 17:14:00 | 000,000,958 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4249612379-790485995-3687962752-1002UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[149 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.05.20 15:08:07 | 000,020,704 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.20 15:08:07 | 000,020,704 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.18 16:17:42 | 000,121,708 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2013.05.18 16:17:42 | 000,106,190 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2013.05.18 16:17:42 | 000,495,368 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2013.05.18 16:17:42 | 000,615,810 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2013.05.18 16:17:42 | 001,333,402 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[149 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"OfficeSyncProcess" = "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" -- [2012.01.20 21:03:48 | 000,719,672 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Meny\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012.08.17 17:08:16 | 000,116,648 | ---- | M] (Google Inc.)
"RocketDock" = "C:\Program Files\RocketDock\RocketDock.exe" -- [2007.09.02 13:58:52 | 000,495,616 | ---- | M] ()
"FileHippo.com" = "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background -- [2012.11.23 10:22:04 | 000,307,712 | ---- | M] (FileHippo.com)
"SUPERAntiSpyware" = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe -- [2013.05.16 07:50:26 | 004,760,816 | ---- | M] (SUPERAntiSpyware.com)
"Seznam Postak" = "C:\Program Files\Seznam.cz\bin\postak.exe" -s -- [2012.01.10 16:16:10 | 000,491,040 | ---- | M] ()
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.04.19 15:19:04 | 018,678,376 | R--- | M] (Skype Technologies S.A.)
"TorrentStream" = C:\Users\Meny\AppData\Roaming\TorrentStream\engine\tsengine.exe -- [2013.04.15 18:41:26 | 000,027,256 | ---- | M] ()
"cz.seznam.software.autoupdate" = "C:\Users\Meny\AppData\Roaming\Seznam.cz\szninstall.exe" -c -- [2013.03.21 11:26:26 | 001,061,960 | ---- | M] ()
"cz.seznam.software.szndesktop" = "C:\Users\Meny\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -- [2013.04.12 10:10:22 | 000,092,664 | ---- | M] ()

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.04.10 08:56:41 | 000,920,472 | ---- | M] (Mozilla Corporation) MD5=6F5386A655598F71BAAB2D6B63A69D6A -- C:\Program Files\Mozilla Firefox\firefox.exe
[61 C:\Program Files\Mozilla Firefox\*.tmp files -> C:\Program Files\Mozilla Firefox\*.tmp -> ]

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.04.05 08:02:26 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=AAD90795E84E710543C6C7C2F7048E30 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2013.04.06 11:41:17 | 000,879,456 | ---- | M] (Opera Software) MD5=C5520FEB7AD5F6E3692B6DE41F6A1A27 -- C:\Program Files\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.05.20 17:39:28 | 000,000,512 | ---- | M] () MD5=B886ACCBAB6435ADB12FACB8ED2A2550 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.05.05 15:38:42 | 000,062,238 | ---- | M] () -- \Program Files\GIMP 2\share\gimp\2.0\patterns\cracked.pat
[2013.03.13 16:22:13 | 000,004,125 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\CrackedCom.class
[2012.11.26 22:54:57 | 000,035,724 | ---- | M] () -- \Users\Meny\AppData\Roaming\uTorrent\Colin.Mcrae.Dirt.2.-.Full.ISO+CrAcK.torrent
[2012.11.28 23:34:54 | 000,016,940 | ---- | M] () -- \Users\Meny\AppData\Roaming\uTorrent\Need For Speed Carbon [FULL] + Crack.torrent
[2012.12.10 18:18:07 | 000,005,369 | ---- | M] () -- \Users\Meny\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp

< *keygen* /s >

< *loader* /s >
[2012.08.14 19:38:02 | 000,002,072 | ---- | M] () -- \Odkazy\Ostatní\MP3 Downloader.lnk
[2012.05.03 14:45:04 | 000,002,665 | ---- | M] () -- \Odkazy\Ostatní\Tor Browser\FirefoxPortable\App\Firefox\components\uriloader.xpt
[2012.05.03 14:44:46 | 000,002,101 | ---- | M] () -- \Odkazy\Ostatní\Tor Browser\FirefoxPortable\App\Firefox\chrome\browser\content\browser\safebrowsing\sb-loader.js
[2003.09.25 16:28:40 | 011,015,680 | ---- | M] () -- \Odkazy\Ostatní\Video návod Photoshop\vod do\CDV\AVIs\Vytvořen_ preloaderu.avi
[2003.08.10 08:03:14 | 000,361,984 | ---- | M] () -- \Odkazy\Ostatní\Video návod Photoshop\vod do\CDV\Soubory\Vytvořen_ preloaderu\Vytvořen_ preloaderu - v_choz_.fla
[2003.08.10 07:54:58 | 000,364,032 | ---- | M] () -- \Odkazy\Ostatní\Video návod Photoshop\vod do\CDV\Soubory\Vytvořen_ preloaderu\Vytvořen_ preloaderu - v_stup.fla
[2003.08.10 07:54:20 | 000,297,518 | ---- | M] () -- \Odkazy\Ostatní\Video návod Photoshop\vod do\CDV\Soubory\Vytvořen_ preloaderu\Vytvořen_ preloaderu - v_stup.swf
[2011.06.10 00:52:42 | 005,299,048 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 02:38:58 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 02:38:58 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,308 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2010.10.07 04:36:40 | 000,265,552 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.05.04 23:42:40 | 000,043,889 | ---- | M] () -- \Program Files\GIMP 2\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-svg.dll
[2011.03.08 09:43:28 | 000,013,734 | ---- | M] () -- \Program Files\GIMP 2\Python\Lib\unittest\loader.py
[2013.02.09 03:39:28 | 000,000,934 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_main.fen
[2012.05.22 09:43:16 | 000,214,528 | ---- | M] () -- \Program Files\JDownloader\JDownloader.exe
[2012.05.22 09:43:16 | 000,593,293 | ---- | M] () -- \Program Files\JDownloader\JDownloader.jar
[2012.05.22 09:43:16 | 000,218,816 | ---- | M] () -- \Program Files\JDownloader\JDownloaderBETA.exe
[2012.05.22 09:43:16 | 000,218,816 | ---- | M] () -- \Program Files\JDownloader\JDownloaderD3D.exe
[2012.05.22 09:43:16 | 000,219,264 | ---- | M] () -- \Program Files\JDownloader\JDownloaderPortable.exe
[2012.08.16 17:19:49 | 000,000,105 | ---- | M] () -- \Program Files\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2012.10.11 22:13:58 | 000,011,071 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\MyDownloaderNet.class
[2013.03.01 13:32:55 | 000,004,584 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\OmpLoaderOrg.class
[2012.12.24 13:32:09 | 000,007,073 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\UploaderPl.class
[2012.05.22 09:43:16 | 000,032,222 | ---- | M] () -- \Program Files\JDownloader\licenses\jdownloader.license
[2012.05.03 18:38:36 | 000,071,528 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.05.21 04:03:06 | 000,083,816 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2010.03.12 11:26:56 | 000,143,523 | ---- | M] () -- \Program Files\RocketDock\Icons\j downloader (2).png
[2010.03.11 09:50:20 | 000,144,833 | ---- | M] () -- \Program Files\RocketDock\Icons\j downloader b.png
[2012.12.24 13:26:20 | 000,001,891 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012.12.24 13:26:20 | 000,001,870 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012.12.24 13:26:20 | 000,001,947 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.11.15 11:15:26 | 000,001,020 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\DVBViewer\DVBViewer Pro Downloader.lnk
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.24 13:26:20 | 000,001,891 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012.12.24 13:26:20 | 000,001,870 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012.12.24 13:26:20 | 000,001,947 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.11.15 11:15:26 | 000,001,020 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\DVBViewer\DVBViewer Pro Downloader.lnk
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.05.15 20:52:33 | 000,007,510 | ---- | M] () -- \Users\Meny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\02TFXO5J\loader[1].js
[2013.05.07 14:17:45 | 000,105,903 | ---- | M] () -- \Users\Meny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EF42TO01\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.05.07 14:17:45 | 000,000,753 | ---- | M] () -- \Users\Meny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GG090S09\AdLoader[1].htm
[2013.05.12 14:19:59 | 000,002,545 | ---- | M] () -- \Users\Meny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OTQUZF48\loader[1].gif
[2012.06.17 13:00:28 | 002,230,888 | ---- | M] () -- \Users\Meny\AppData\Local\Temp\{E96E02E5-075F-4633-9F71-626F955FC0CE}\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}\IcqLoader.exe
[2013.04.07 20:57:20 | 000,094,081 | ---- | M] () -- \Users\Meny\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1\Local Store\Help\cs_CZ\CreativeSuite\CS5\Using\images\br_photo_downloader.png
[2013.04.07 20:57:05 | 000,025,994 | ---- | M] () -- \Users\Meny\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1\Local Store\Help\cs_CZ\DeviceCentral\CS5\ScriptedTestingReference\cs_cz\images\loaderInfo_object.jpg
[2012.12.24 13:26:33 | 000,001,947 | ---- | M] () -- \Users\Meny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk
[2012.08.14 17:54:53 | 000,001,983 | ---- | M] () -- \Users\Meny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\JDownloader.lnk
[2013.03.29 13:37:34 | 000,059,384 | ---- | M] () -- \Users\Meny\AppData\Roaming\Seznam.cz\bin\431libfoxloader.dll
[2013.04.15 13:32:10 | 000,060,416 | ---- | M] () -- \Users\Meny\AppData\Roaming\Seznam.cz\bin\5999libfoxloader-x64.dll
[2013.04.08 00:59:48 | 000,000,163 | ---- | M] () -- \Users\Meny\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.03.21 11:28:36 | 000,031,549 | ---- | M] () -- \Users\Meny\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.1.0-win32.zip
[2013.03.25 16:27:20 | 000,000,665 | ---- | M] () -- \Users\Meny\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013.03.25 16:27:26 | 000,000,117 | ---- | M] () -- \Users\Meny\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2012.02.07 18:37:14 | 000,008,192 | ---- | M] () -- \Users\Meny\AppData\Roaming\TorrentStream\engine\lib\_win32sysloader.pyd
[2012.09.13 14:09:56 | 000,000,553 | ---- | M] () -- \Users\Meny\AppData\Roaming\TorrentStream\player\skins\fs\default\1024\loader.png
[2012.09.13 14:09:56 | 000,000,686 | ---- | M] () -- \Users\Meny\AppData\Roaming\TorrentStream\player\skins\fs\default\1280\loader.png
[2012.09.13 14:09:56 | 000,000,686 | ---- | M] () -- \Users\Meny\AppData\Roaming\TorrentStream\player\skins\fs\default\1600\loader.png
[2012.09.13 14:09:56 | 000,001,239 | ---- | M] () -- \Users\Meny\AppData\Roaming\TorrentStream\player\skins\fs\default\1920\loader.png
[2012.09.13 14:09:56 | 000,000,453 | ---- | M] () -- \Users\Meny\AppData\Roaming\TorrentStream\player\skins\fs\default\800\loader.png
[2012.09.13 14:09:56 | 000,000,477 | ---- | M] () -- \Users\Meny\AppData\Roaming\TorrentStream\player\skins\nofs\default\playlist\loader.png
[2012.02.07 18:37:14 | 000,008,192 | ---- | M] () -- \Users\Meny\AppData\Roaming\TorrentStream\updater\lib\_win32sysloader.pyd
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2009.11.21 01:16:58 | 002,341,242 | R--- | M] () -- \Windows\Setup\SCRIPTS\WINDOWS7LOADER.exe
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[149 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 10:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 10:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 10:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2012.08.24 13:24:00 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2012.08.24 13:24:00 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2012.08.24 13:24:00 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 10:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 13:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 971 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

Re: Log check

Posted: 20 May 2013 17:58
by vyosek
So that acquaintance of yours, the self-employed guy who fixes PCs for a good price, really ripped you off...

A crack is clearly visible on the PC, one that is used to get around the need to have a purchased license (in a routine check the system even passes the genuineness validation mentioned above), and you also have an illegal copy of Microsoft Office on the PC.

At the very least that is a violation of the forum rules, and most certainly of copyright law as well. Our forum does not support pirated software :closed:

Re: Log check

Posted: 20 May 2013 18:23
by mene888
Ah, it did seem kind of cheap... I'll stop by there and see if the place is still in business :roll:

Re: Log check

Posted: 20 May 2013 18:28
by vyosek
I'm curious what excuse he'll come up with :)