VIRY.CZ

Logfile of random's system information tool 1.08 (written by random/random)
Run by PC at 2013-06-27 15:46:58
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 9 GB (2%) free of 454 GB
Total RAM: 4095 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:47:11, on 27.6.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Vtune\TBPANEL.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\uTorrent.exe
C:\Users\PC\AppData\Roaming\WebCake\WebCakeDesktop.exe
C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\PC\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchdwebs.info/?pid= ... Z&unqvl=22
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchdwebs.info/?pid= ... Z&unqvl=22
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: privitize Helper Object - {1ACB5ABE-4890-4747-952C-F13BDB93FB75} - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\bh\privitize.dll
O2 - BHO: WebCake Layers - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll
O2 - BHO: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: privitize Toolbar - {1C46A0DD-D53E-46C4-A435-CA11103E255E} - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\privitizeTlbr.dll
O3 - Toolbar: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [4StoryPrePatch] D:\Games\4Story_CZ\PrePatch.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~2.EXE
O4 - HKCU\..\Run: [TBPanel] C:\Program Files (x86)\Vtune\TBPanel.exe /A
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [StickyPassword] "C:\Program Files (x86)\Sticky Password\stpass.exe" /autorunned
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [WebCake Desktop] "C:\Users\PC\AppData\Roaming\WebCake\WebCakeDesktop.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~3\wincert\win32c~1.dll c:\progra~2\search~1\datamngr\mgrldr.dll c:\progra~2\safesa~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Bandoo Media Inc. - C:\Program Files (x86)\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WebCake Desktop Updater - WebCake LLC - C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11413 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2e8
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {9C33BBA4-4C52-4155-8A7E-E5CA4DEB24A1}
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Vtune\TBPANEL.exe" /A
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:\Program Files (x86)\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Users\PC\AppData\Roaming\WebCake\WebCakeDesktop.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe" -c
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
szndesktop.exe default start
"C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe" "C:\Users\PC\AppData\Roaming\WebCake\WebCakeDesktop.exe"
"C:\Users\PC\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "1139546305466848734-11139552835037933621527169480-1353184905-835767525945443757
"C:\Program Files (x86)\Search Results Toolbar\Datamngr\DatamngrUI.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe" PanProcess
"C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 3368
"C:\Program Files (x86)\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3780.0.1342409575\928019693" --supports-dual-gpus=false --gpu-vendor-id=0x10de --gpu-device-id=0x0e23 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1106 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/4/OneClickSignIn/Standard/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --channel="3780.2.2109031603\1565244551" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 548 552 560 65536 556
"C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/4/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndDynamic/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="3780.3.1228664495\622524452" /prefetch:673131151
"C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/4/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndDynamic/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="3780.4.1896572672\564723553" /prefetch:673131151
"C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3780.5.1493831470\1108497403" --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/4/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndDynamic/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="3780.6.818318413\1734502788" /prefetch:673131151
"C:\Users\PC\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1885314319-1773555036-2269745920-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1885314319-1773555036-2269745920-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14 6307960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}]
privitize Helper Object - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\bh\privitize.dll [2013-05-21 299928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}]
WebCake - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll [2013-06-07 197912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377e5d4d-77e5-476a-8716-7e70a9272da0}]
Search-Results Toolbar - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll [2012-12-07 89288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-05-09 198688]
{1C46A0DD-D53E-46C4-A435-CA11103E255E} - privitize Toolbar - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\privitizeTlbr.dll [2013-05-21 288152]
{377e5d4d-77e5-476a-8716-7e70a9272da0} - Search-Results Toolbar - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll [2012-12-07 89288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TBPanel"=C:\Program Files (x86)\Vtune\TBPanel.exe [2010-10-22 2158592]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Google Update"=C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-20 136176]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-04-19 18678376]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-03-17 3093624]
"StickyPassword"=C:\Program Files (x86)\Sticky Password\stpass.exe /autorunned []
"uTorrent"=C:\Program Files (x86)\uTorrent.exe [2013-05-15 802136]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2013-06-07 1641896]
"WebCake Desktop"=C:\Users\PC\AppData\Roaming\WebCake\WebCakeDesktop.exe [2013-06-07 47896]
"cz.seznam.software.autoupdate"=C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-12-04 2792448]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-05-09 4858968]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"4StoryPrePatch"=D:\Games\4Story_CZ\PrePatch.exe []
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"DATAMNGR"=C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~2.EXE [2013-05-08 3364352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\SEARCH~1\Datamngr\x64\mgrldr.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-06-27 09:04:29 ----D---- C:\ProgramData\StarApp
2013-06-27 08:36:31 ----D---- C:\Users\PC\AppData\Roaming\EZDownloader
2013-06-27 08:22:43 ----D---- C:\Program Files (x86)\WebSearch
2013-06-27 08:22:35 ----D---- C:\ProgramData\BetterSoft
2013-06-27 08:22:20 ----D---- C:\Program Files (x86)\SafeSaver
2013-06-27 08:21:23 ----D---- C:\ProgramData\InstallMate
2013-06-27 08:04:10 ----A---- C:\Windows\system32\drivers\aswSP.sys.sum
2013-06-27 08:04:10 ----A---- C:\Windows\system32\drivers\aswSnx.sys.sum
2013-06-26 12:56:39 ----D---- C:\Program Files (x86)\MagicISO
2013-06-26 02:05:00 ----D---- C:\ProgramData\Browser Manager
2013-06-25 23:33:06 ----D---- C:\ProgramData\Wincert
2013-06-25 23:32:42 ----D---- C:\Program Files (x86)\Search Results Toolbar
2013-06-25 23:32:41 ----D---- C:\ProgramData\Datamngr
2013-06-23 22:12:52 ----D---- C:\Program Files (x86)\Lightspark 0.5.3-git
2013-06-23 22:12:47 ----D---- C:\Program Files (x86)\Seznam.cz
2013-06-23 22:12:24 ----D---- C:\Users\PC\AppData\Roaming\Seznam.cz
2013-06-23 22:12:16 ----D---- C:\Users\PC\AppData\Roaming\WebCake
2013-06-23 22:12:16 ----D---- C:\Program Files (x86)\WebCake
2013-06-23 22:12:08 ----D---- C:\ProgramData\Tarma Installer
2013-06-23 21:30:55 ----D---- C:\Program Files (x86)\Steam
2013-06-23 00:38:13 ----D---- C:\Users\PC\AppData\Roaming\ParetoLogic
2013-06-23 00:38:13 ----D---- C:\Users\PC\AppData\Roaming\DriverCure
2013-06-23 00:37:50 ----D---- C:\ProgramData\ParetoLogic
2013-06-16 11:59:10 ----D---- C:\Program Files (x86)\Google
2013-06-15 20:41:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-06-15 20:41:44 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-06-15 20:41:44 ----A---- C:\Windows\system32\urlmon.dll
2013-06-15 20:41:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-06-15 20:41:43 ----A---- C:\Windows\system32\iertutil.dll
2013-06-15 20:41:42 ----A---- C:\Windows\system32\ieui.dll
2013-06-15 20:41:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-06-15 20:41:40 ----A---- C:\Windows\system32\ieframe.dll
2013-06-15 20:41:38 ----A---- C:\Windows\system32\mshtml.dll
2013-06-15 20:41:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-06-12 21:45:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-06-12 21:45:53 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-06-12 21:45:53 ----A---- C:\Windows\system32\iesetup.dll
2013-06-12 21:45:53 ----A---- C:\Windows\system32\iernonce.dll
2013-06-12 21:45:52 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-06-12 21:45:52 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-06-12 21:45:52 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-06-12 21:45:52 ----A---- C:\Windows\system32\iesysprep.dll
2013-06-12 21:45:52 ----A---- C:\Windows\system32\ie4uinit.exe
2013-06-12 21:45:51 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-06-12 21:45:51 ----A---- C:\Windows\system32\msfeeds.dll
2013-06-12 21:45:50 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-06-12 21:45:50 ----A---- C:\Windows\system32\jscript9.dll
2013-06-12 21:45:50 ----A---- C:\Windows\system32\jscript.dll
2013-06-12 21:45:49 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-06-12 21:45:47 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-06-12 21:45:47 ----A---- C:\Windows\system32\jsproxy.dll
2013-06-12 21:45:46 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-06-12 21:45:46 ----A---- C:\Windows\system32\wininet.dll
2013-06-12 14:16:20 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-06-12 14:16:18 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-06-12 14:16:18 ----A---- C:\Windows\system32\win32spl.dll
2013-06-12 14:16:11 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-06-12 14:16:11 ----A---- C:\Windows\system32\cryptdlg.dll
2013-06-12 14:16:06 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-06-12 14:16:06 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-06-12 14:16:03 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-06-12 14:16:03 ----A---- C:\Windows\system32\crypt32.dll
2013-06-12 14:16:03 ----A---- C:\Windows\system32\certutil.exe
2013-06-12 14:16:02 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-06-12 14:16:02 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-06-12 14:16:02 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-06-12 14:16:02 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-06-12 14:16:02 ----A---- C:\Windows\system32\cryptsvc.dll
2013-06-12 14:16:02 ----A---- C:\Windows\system32\cryptnet.dll
2013-06-12 14:16:02 ----A---- C:\Windows\system32\certenc.dll
2013-06-12 14:15:56 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-06-12 14:15:56 ----A---- C:\Windows\system32\d3d11.dll
2013-06-09 14:32:33 ----D---- C:\ProgramData\Orbit
2013-06-09 14:29:22 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-06-09 14:29:19 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2013-06-08 19:30:57 ----D---- C:\ProgramData\Steam
2013-06-05 21:06:05 ----D---- C:\Users\PC\AppData\Roaming\DownLite
2013-06-05 21:04:21 ----D---- C:\Program Files (x86)\Industriya
2013-06-05 21:04:18 ----D---- C:\Users\PC\AppData\Roaming\Industriya
2013-05-31 20:20:53 ----D---- C:\Windows\rescache
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\url.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-05-29 21:38:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\wextract.exe
2013-05-29 21:38:55 ----A---- C:\Windows\system32\webcheck.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\vbscript.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\url.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-05-29 21:38:55 ----A---- C:\Windows\system32\pngfilt.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\occache.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-05-29 21:38:55 ----A---- C:\Windows\system32\msrating.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\msls31.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\mshtmler.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\mshtmled.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\mshta.exe
2013-05-29 21:38:55 ----A---- C:\Windows\system32\msfeedssync.exe
2013-05-29 21:38:55 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\licmgr10.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\inseng.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\imgutil.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\iexpress.exe
2013-05-29 21:38:55 ----A---- C:\Windows\system32\ieUnatt.exe
2013-05-29 21:38:55 ----A---- C:\Windows\system32\iepeers.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\iedkcs32.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\ieapfltr.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\icardie.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\elshyph.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\dxtrans.dll
2013-05-29 21:38:55 ----A---- C:\Windows\system32\dxtmsft.dll

======List of files/folders modified in the last 1 months======

2013-06-27 15:47:10 ----D---- C:\Program Files\trend micro
2013-06-27 15:45:20 ----D---- C:\Windows\Temp
2013-06-27 15:45:09 ----D---- C:\Users\PC\AppData\Roaming\uTorrent
2013-06-27 15:45:06 ----D---- C:\Users\PC\AppData\Roaming\Skype
2013-06-27 15:43:52 ----D---- C:\ProgramData\NVIDIA
2013-06-27 15:35:14 ----D---- C:\Program Files (x86)\World_of_Tanks
2013-06-27 10:01:43 ----D---- C:\Windows\SysWOW64
2013-06-27 09:07:17 ----RD---- C:\Program Files (x86)
2013-06-27 09:04:29 ----HD---- C:\ProgramData
2013-06-27 08:49:29 ----D---- C:\Windows\system32\config
2013-06-27 08:22:39 ----D---- C:\Windows\Prefetch
2013-06-27 08:04:10 ----D---- C:\Windows\system32\drivers
2013-06-26 16:02:43 ----D---- C:\ProgramData\PMB Files
2013-06-26 03:05:28 ----SHD---- C:\System Volume Information
2013-06-24 21:20:11 ----D---- C:\Program Files (x86)\The Elder Scrolls V Skyrim
2013-06-24 08:41:08 ----D---- C:\Windows\System32
2013-06-24 08:41:08 ----D---- C:\Windows\inf
2013-06-24 08:41:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-06-23 22:15:22 ----D---- C:\Windows\system32\Tasks
2013-06-23 22:15:21 ----D---- C:\Windows\Tasks
2013-06-23 21:31:05 ----SHD---- C:\Windows\Installer
2013-06-23 00:51:06 ----D---- C:\Program Files (x86)\Common Files
2013-06-20 15:12:31 ----D---- C:\Windows\system32\catroot2
2013-06-16 11:50:00 ----D---- C:\Windows
2013-06-16 02:53:33 ----D---- C:\Windows\winsxs
2013-06-16 02:53:07 ----D---- C:\Program Files (x86)\Internet Explorer
2013-06-16 02:53:06 ----D---- C:\Program Files\Internet Explorer
2013-06-15 20:41:58 ----D---- C:\Windows\system32\catroot
2013-06-13 19:09:09 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-06-13 19:09:09 ----D---- C:\Windows\system32\cs-CZ
2013-06-12 21:46:25 ----A---- C:\Windows\system32\MRT.exe
2013-06-12 17:31:19 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-06-09 14:27:54 ----RSD---- C:\Windows\assembly
2013-06-09 14:16:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-06-08 19:30:58 ----D---- C:\ProgramData\Codemasters
2013-05-30 19:20:44 ----D---- C:\Windows\Panther
2013-05-30 19:19:43 ----D---- C:\Windows\SYSWOW64\migration
2013-05-30 19:19:42 ----D---- C:\Windows\SYSWOW64\en-US
2013-05-30 19:19:40 ----D---- C:\Windows\system32\migration
2013-05-30 19:19:40 ----D---- C:\Windows\system32\en-US
2013-05-30 19:19:40 ----D---- C:\Windows\PolicyDefinitions
2013-05-29 21:43:13 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-05-09 189936]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-27 1030440]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-27 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-06 254528]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-04-08 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-04-08 43680]
R3 netr7364;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-11-25 1276928]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-02-23 1847296]
S3 cpuz134;cpuz134; \??\C:\Users\PC\AppData\Local\Temp\cpuz134\cpuz134_x64.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2009-11-19 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2009-11-19 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2009-11-19 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2009-11-19 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2009-11-19 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2009-11-19 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2009-11-19 158320]
S3 TBPanel;TBPanel; C:\Windows\system32\drivers\TBPanel.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-05-09 46808]
R2 DatamngrCoordinator;Datamngr Coordinator; C:\Program Files (x86)\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe [2013-05-08 3022848]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-06-09 76888]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 WebCake Desktop Updater;WebCake Desktop Updater; C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe [2013-06-07 23552]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-16 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-03 1259880]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-04-19 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-16 116648]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-06-07 543656]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-05 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Prohledat
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by PC on źt 27.06.2013 at 17:55:07,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\datamngr
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1C46A0DD-D53E-46C4-A435-CA11103E255E}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{377e5d4d-77e5-476a-8716-7e70a9272da0}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1885314319-1773555036-2269745920-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escort.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escortapp.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escorteng.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\esrv.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\searchquiehelper.dnsguard
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\searchquiehelper.dnsguard.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\ilividsrtb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sp global
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sprotector
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT2786678
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A8B37200-0401-4D7B-A9C4-6B4AA015D168}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DC3A643E-237D-4DAB-89B5-BD41D13A6781}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"
Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\bettersoft"
Successfully deleted: [Folder] "C:\ProgramData\datamngr"
Successfully deleted: [Folder] "C:\ProgramData\installmate"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\wincert"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\PC\AppData\Roaming\industriya"
Successfully deleted: [Folder] "C:\Users\PC\appdata\local\swvupdater"
Successfully deleted: [Folder] "C:\Users\PC\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\industriya"
Failed to delete: [Folder] "C:\Program Files (x86)\search results toolbar"
Failed to delete: [Folder] "C:\Program Files (x86)\websearch"
Successfully deleted: [Folder] "C:\ProgramData\ask"



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 27.06.2013 at 17:58:55,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


AdwCleaner:

# AdwCleaner v2.303 - Log vytvooen 27/06/2013 v 18:02:37
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : PC - SKYCOM-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\PC\Downloads\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****

Nalezeno : DatamngrCoordinator
Nalezeno : WebCake Desktop Updater

***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\Search Results Toolbar
Složka Nalezeno : C:\Program Files (x86)\WebCake
Složka Nalezeno : C:\Program Files (x86)\WebSearch
Složka Nalezeno : C:\ProgramData\Browser Manager
Složka Nalezeno : C:\ProgramData\ParetoLogic
Složka Nalezeno : C:\Users\PC\AppData\Roaming\ParetoLogic
Složka Nalezeno : C:\Users\PC\AppData\Roaming\WebCake

***** [Registry] *****

Data Nalezeno : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\x64\mgrldr.dll
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Klíe Nalezeno : HKCU\Software\APN DTX
Klíe Nalezeno : HKCU\Software\BI
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
Klíe Nalezeno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
Klíe Nalezeno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbajpeofkjjeiamcglnmldoboonfkiol
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro
Klíe Nalezeno : HKLM\SOFTWARE\Tarma Installer

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Registry jsou eisté.

-\\ Google Chrome v27.0.1453.116

Soubor : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences

Nalezeno [l.2428] : homepage = "hxxp://www.searchnu.com/406?appid=834",
Nalezeno [l.3199] : urls_to_restore_on_startup = [ "hxxp://www.searchnu.com/406?appid=834" ]

*************************

AdwCleaner[R1].txt - [6680 octets] - [27/06/2013 18:02:37]

########## EOF - C:\AdwCleaner[R1].txt - [6740 octets] ##########

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Smazat
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

# AdwCleaner v2.303 - Log vytvooen 27/06/2013 v 19:12:03
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : PC - SKYCOM-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\PC\Downloads\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****

Zastaveno & vymazáno : DatamngrCoordinator
Zastaveno & vymazáno : WebCake Desktop Updater

***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files (x86)\WebCake
Složka Vymazáno : C:\ProgramData\ParetoLogic
Složka Vymazáno : C:\Users\PC\AppData\Roaming\ParetoLogic
Složka Vymazáno : C:\Users\PC\AppData\Roaming\WebCake
Vymazáno poi restartu : C:\Program Files (x86)\Search Results Toolbar
Vymazáno poi restartu : C:\Program Files (x86)\WebSearch
Vymazáno poi restartu : C:\ProgramData\Browser Manager

***** [Registry] *****

Data Vymazáno : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\x64\mgrldr.dll
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop]
Hodnota Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Klíe Vymazáno : HKCU\Software\APN DTX
Klíe Vymazáno : HKCU\Software\BI
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
Klíe Vymazáno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
Klíe Vymazáno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1ACB5ABE-4890-4747-952C-F13BDB93FB75}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbajpeofkjjeiamcglnmldoboonfkiol
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro
Klíe Vymazáno : HKLM\SOFTWARE\Tarma Installer

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Registry jsou eisté.

-\\ Google Chrome v27.0.1453.116

Soubor : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences

Vymazáno [l.2428] : homepage = "hxxp://www.searchnu.com/406?appid=834",
Vymazáno [l.3205] : urls_to_restore_on_startup = [ "hxxp://www.searchnu.com/406?appid=834" ]

*************************

AdwCleaner[R1].txt - [6785 octets] - [27/06/2013 18:02:37]
AdwCleaner[S1].txt - [6780 octets] - [27/06/2013 19:12:03]

########## EOF - C:\AdwCleaner[S1].txt - [6840 octets] ##########

Uvolnete nejake volne misto na disku (System drive C: has 9 GB (2%) free of 454 GB) - system se dusi, volne misto nechte tak kolem 10-15GB, disk je dosti velky

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Extras:

OTL Extras logfile created on: 27.6.2013 19:32:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PC\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 58,08% Memory free
8,00 Gb Paging File | 5,87 Gb Available in Paging File | 73,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,13 Gb Total Space | 35,23 Gb Free Space | 7,95% Space Free | Partition Type: NTFS
Drive D: | 488,28 Gb Total Space | 269,34 Gb Free Space | 55,16% Space Free | Partition Type: NTFS
Drive E: | 3,92 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 10,95 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SKYCOM-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{238CC6E9-5B63-459F-BEF3-0D0A0958BC1A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{28CE1833-6F7F-4825-A38C-BC1FE4949D33}" = rport=138 | protocol=17 | dir=out | app=system |
"{352CE2B0-680D-464C-BC8C-A5E9B3A46E05}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{40BEC5BF-7039-40DF-8CA2-FE83B2791996}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{42A4FB47-4B47-4678-837D-41C3FACC3DC7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5D0EC694-3590-4B71-BC1C-EE872F53C525}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5E401993-5DC5-4640-803E-B8C02FD3E250}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{64C9D3F6-73F1-498B-A096-B6A02E6263F8}" = lport=137 | protocol=17 | dir=in | app=system |
"{7D5B1CD0-507E-43EA-AA14-5DBA3A98C5A2}" = rport=137 | protocol=17 | dir=out | app=system |
"{7E413CE3-CC0F-4091-A04B-B0146D9F1EE0}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{94FE6E9E-D64B-49BE-B67A-0CD9BD160827}" = lport=445 | protocol=6 | dir=in | app=system |
"{A1F73914-7E03-43C7-8164-8C6C4E5BCCEC}" = lport=139 | protocol=6 | dir=in | app=system |
"{AD41B824-ED62-43B3-B9B2-502BBBAAB561}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C332E08B-B4A6-4FB4-8549-C1A630D5E021}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{CFEBF06B-304B-4F02-B314-6B8AC0EE2AEC}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E10E1911-BBE1-4C2A-A04A-30331BD250A0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E13C4E40-472B-4CAB-8366-962F535F5982}" = rport=445 | protocol=6 | dir=out | app=system |
"{E449EDC4-DD9B-4FF7-B3C4-8A837FDE3405}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F822DDCA-AB87-475E-8596-A4AE79F83EAF}" = lport=138 | protocol=17 | dir=in | app=system |
"{FB891E1A-79AD-4CFC-9311-1A909C19F4AA}" = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04384016-FC91-4963-B2A5-2AE3CED7AB36}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{06CAE7A7-2BAD-4E26-A3CA-81E2F13C14A6}" = protocol=6 | dir=in | app=d:\games\far cry 3\bin\farcry3_d3d11.exe |
"{0BB96DFA-0410-43B9-AEB2-C5FFC1B7029D}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{0C60F1F3-111E-4D7A-8B95-22D5C9F57DC1}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe |
"{0E2A561A-D403-415E-B5E5-3AC7C7BE7B2F}" = protocol=6 | dir=in | app=d:\games\need for speed most wanted\nfs13.exe |
"{0E9E2685-2CB5-4973-AA36-405FC5BE8845}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{149F36B9-39CD-4AEE-8812-716FA7FE1C90}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1596F611-3C19-43DF-8C73-3AD42D5F2FAC}" = protocol=17 | dir=in | app=c:\users\pc\downloads\wow-3.2.0-enus-patch.exe |
"{17169685-6072-47E1-8CA5-8AC205C0DF8E}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent.exe |
"{17C8AC95-D521-4ABF-AD8D-4E16B178D43B}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{1AD4663E-3508-4001-ADFF-90E1207D6966}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{1CD91E02-194D-4F54-B55D-3AB5438834BB}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{1CE6918D-8A38-42C1-AD7B-6D2000E90F21}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1DEF40E0-484B-4119-A7D3-F19CBCCA605B}" = protocol=17 | dir=in | app=d:\games\war thunder\launcher.exe |
"{1F93B20B-278C-455D-B084-6C0C1FE4BD48}" = protocol=17 | dir=in | app=d:\happycloud\cache\the lord of the rings online\turbinelauncher.exe |
"{224A7FAE-CA7A-483F-B878-89CB340D30EF}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{244AFFA9-FE91-404F-AAEC-EDDF2950A484}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{2CDE5326-2941-48DB-9A83-7FB11E604883}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{2FAF6793-BDF9-48AC-A834-394C9647A1CC}" = protocol=6 | dir=in | app=c:\program files (x86)\dragon age 2\bin_ship\dragonage2.exe |
"{3128DC5E-E93C-42C7-988A-7409AC66CC80}" = protocol=6 | dir=in | app=d:\games\far cry 3\bin\farcry3.exe |
"{3415AFBD-0F2C-47E1-B606-DA6ECC5A643D}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{35E4FB6A-1112-4081-BDEF-A93C6F170759}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{37B99B8A-EE56-4322-941E-7C5576A3EA6D}" = protocol=17 | dir=in | app=c:\program files (x86)\dragon age 2\bin_ship\dragonage2.exe |
"{4404B080-09B2-425C-904A-47FAA92B1E4D}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{445121E3-7890-4CCE-BD40-8DC6B670C88D}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{4502C939-0A67-4108-9D2C-760AEEC708F3}" = protocol=17 | dir=in | app=c:\program files (x86)\dragon age 2\dragonage2launcher.exe |
"{459A0B49-F7A6-4BC8-8D0C-3E7CA047B1BF}" = protocol=6 | dir=in | app=d:\games\war thunder\launcher.exe |
"{487710E7-DA1C-4A28-B903-1E2E81FA99B8}" = protocol=17 | dir=in | app=c:\program files (x86)\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{48815DFF-A72D-4CB7-8A43-FAA805CC86E1}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{4A9FBA1B-C93E-42E0-A924-D0B5327F6B17}" = protocol=17 | dir=in | app=d:\games\need for speed most wanted\nfs13.exe |
"{4BE3F108-6335-4F6B-AC7B-BC367DC93492}" = protocol=17 | dir=in | app=d:\happycloud\cache\the lord of the rings online\lotroclient.exe |
"{5396033F-D4D5-492B-877A-9CDB7D33032F}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{53C82286-587F-4F18-B0F0-A00091391AB0}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{5603214B-0AA5-4A07-98F0-61C653A81674}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{589329EB-E492-4C82-80DA-25DA16931743}" = protocol=6 | dir=in | app=c:\program files (x86)\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{5BB3C58A-30DC-4BD9-9C88-24C3BE662C40}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\launcher.exe |
"{5BC3F3AB-CC30-45B8-BC89-0C19386419E3}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{5C4178AE-1CBF-4753-8C69-B0360C58F912}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{5EC8124F-276A-4336-A2E2-E19FF81C9BB5}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent.exe |
"{5F738C13-E8B1-4804-838A-6898656EDD75}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{60571EC5-DAB9-4F5C-BF80-5B0B1908D627}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{613EC07A-B878-401B-B89E-D1FAFA447872}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{62D5F957-F9A3-4239-857A-56347C9F0765}" = dir=in | app=c:\program files (x86)\kalypso media\port royale 3\portroyale3.exe |
"{64FC25E1-66FE-4BD4-9B7D-FA23C3E7B65D}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{6B68B2A7-C194-42B5-90BE-2A82DC91054C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{71F1886E-68C3-4FC8-BB8A-E3D072C95350}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{72EE404F-1CAC-4640-8A24-98046D50B31A}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{774009F8-ABFE-459E-B0BD-23E7692DAAE3}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{776B37B0-F9BE-4E70-9E8F-CFC6AA696370}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe |
"{7878938E-B61C-4265-B348-7265DDF43C32}" = protocol=17 | dir=in | app=d:\games\starcraft ii\starcraft ii public test.exe |
"{79B65179-6762-4B8C-9692-D2AF87831857}" = protocol=6 | dir=in | app=c:\program files (x86)\dragon age 2\dragonage2launcher.exe |
"{839A88C0-B8A1-473D-B75E-A5B8609692BA}" = protocol=6 | dir=in | app=d:\games\far cry 3\bin\fc3updater.exe |
"{84181C2A-03E9-4B27-B104-D09F5D868626}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{863E2832-FC67-499C-B34A-2ED423A71E09}" = protocol=6 | dir=in | app=d:\games\battlefield 3™\bf3.exe |
"{89B83FDD-75F9-4608-A1D8-7B5373C82625}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8D86E333-AF6D-48AA-ADD5-A5C895069409}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{8F6E2BDF-8EA2-4311-9D13-66EAB247D0DC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{935EF60B-E373-4054-B909-17CEA8332566}" = protocol=17 | dir=in | app=d:\games\starcraft ii\starcraft ii.exe |
"{93FA0EA1-A47D-4519-A88B-4A74BC93C6D4}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\blizzard entertainment\world of warcraft\uninstall.exe |
"{98DED07E-E992-44CE-A906-8D2B1DA396A2}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{9B2C9B3A-E981-40DE-AF0E-89289392A843}" = protocol=6 | dir=in | app=d:\happycloud\cache\the lord of the rings online\turbinelauncher.exe |
"{9DE158DF-56EE-4553-8C3D-6CE1A5AD9FA1}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{A06B86E7-6975-4244-B4B4-4BE25641C8A9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A40DF189-8D2B-4282-A11A-50A2CF99AF36}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{A7270C14-9370-4437-B518-FD1E8D05E796}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A89A297A-E2A5-4490-A1C2-82C18CE28D7B}" = protocol=17 | dir=in | app=d:\games\battlefield 3™\bf3.exe |
"{A9CC0DCB-094B-4684-A79E-EB2D39D219ED}" = protocol=6 | dir=in | app=d:\games\far cry 3\bin\fc3editor.exe |
"{B7161B83-6050-40B0-83A8-E0B465994F46}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\blizzard entertainment\world of warcraft\uninstall.exe |
"{B7E0D926-A82C-4DD0-ACB5-66E68B78B021}" = protocol=6 | dir=in | app=d:\happycloud\cache\the lord of the rings online\lotroclient.exe |
"{B8B47AB3-AD5E-4037-91F6-82DA3BF6F700}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B943BAE4-7490-482E-8466-36836981E79C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\might & magic heroes vi\might & magic heroes vi.exe |
"{B9E30015-074E-4AE3-B869-1006A14FFC69}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{BA478817-1259-4188-9861-EF16D66B326A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{BBE54FCC-177B-4A69-92B4-1DD22F2CA694}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{BCF817A4-AAC9-412B-873F-E4B13C6F86E5}" = protocol=17 | dir=in | app=d:\games\far cry 3\bin\farcry3_d3d11.exe |
"{BEDDC59A-59D0-4776-A307-9B8803BD107A}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{C069723A-D832-4A86-9421-6F6F70D026D2}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"{C3EAE248-2725-44F6-934D-1AE828809980}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{D35C7373-CB45-4EC6-B8D7-768683251AB3}" = protocol=17 | dir=in | app=d:\games\far cry 3\bin\fc3updater.exe |
"{D5BCE026-60A9-4364-AA14-9F48A5BF6F06}" = protocol=6 | dir=in | app=d:\games\starcraft ii\starcraft ii public test.exe |
"{D856C0A5-4243-49F0-9E1D-C33850FF055A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{DCE5A6E9-0639-440B-ACA1-13F0190AB45A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\launcher.exe |
"{DEB46F5B-F9F6-487F-A130-927E9A03A509}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{E0D89EE9-9A22-42DC-80E1-929A4CB32147}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe |
"{E33841B6-3BBB-499A-9F61-EE79BB6FB818}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{E5E3B058-0675-4DF0-9154-F19532D39BCB}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe |
"{E854E624-AE7C-4FDF-9585-8954A988C5D7}" = protocol=17 | dir=in | app=d:\games\far cry 3\bin\fc3editor.exe |
"{E9879674-4DCD-4FEE-8458-84002F48BD3D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{EB999B1C-6844-443B-94A0-A1B18EE94CDF}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\might & magic heroes vi\might & magic heroes vi.exe |
"{EC105FFF-A2D9-461E-BFD0-50098D673362}" = protocol=17 | dir=in | app=d:\games\far cry 3\bin\farcry3.exe |
"{F353F93F-5EC0-4F48-8F8F-D9929F242D5D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F80E92AE-7222-472B-A422-C82825DF099F}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{FB4BB892-BC5F-4A12-BC47-571E2B2218B1}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"{FB81398D-7F51-4483-9EC3-00E6264CC8CC}" = protocol=6 | dir=in | app=c:\users\pc\downloads\wow-3.2.0-enus-patch.exe |
"{FCDBF13D-BD91-447C-ABEA-A4442AD6ED92}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{FDA6A670-C38C-4A99-8EF7-10640A9FBD24}" = protocol=6 | dir=in | app=d:\games\starcraft ii\starcraft ii.exe |
"TCP Query User{01C1E6A1-0FF1-46A0-9F1A-F983B21F26D8}C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe |
"TCP Query User{07627CCE-C316-495A-9759-89DDA980935A}D:\games\call of duty black ops ii\t6sp.exe" = protocol=6 | dir=in | app=d:\games\call of duty black ops ii\t6sp.exe |
"TCP Query User{08BF0509-1176-4C28-8331-371C59F55920}C:\program files (x86)\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world_of_tanks\wotlauncher.exe |
"TCP Query User{13D3CA51-5729-469E-AB12-BA098BEABB04}C:\program files (x86)\activision\call of duty - black ops\blackopsmp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackopsmp.exe |
"TCP Query User{177B7F35-3216-482D-9F67-94F19F150648}C:\program files (x86)\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\the witcher 2\bin\witcher2.exe |
"TCP Query User{1854EDFA-1F18-4887-85CD-2124A668CEE1}D:\games\heroes & generals\live\hng.exe" = protocol=6 | dir=in | app=d:\games\heroes & generals\live\hng.exe |
"TCP Query User{207184B9-155D-46D2-946B-5E04C0C17CE2}C:\program files (x86)\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world_of_tanks\worldoftanks.exe |
"TCP Query User{2EF3B3E0-9A3F-4CCC-B4D2-B8D46C26F2BD}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"TCP Query User{34824CED-5289-475E-A71D-C708C9325E79}C:\program files (x86)\chivalry medieval warfare\binaries\win32\udk.exe" = protocol=6 | dir=in | app=c:\program files (x86)\chivalry medieval warfare\binaries\win32\udk.exe |
"TCP Query User{6A1191BC-7C39-4BC4-AD10-87465B0418D4}D:\games\assassin's creed iii\ac3sp.exe" = protocol=6 | dir=in | app=d:\games\assassin's creed iii\ac3sp.exe |
"TCP Query User{9DE436F7-0F1C-45B0-9BC7-47FBF337889A}C:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe |
"TCP Query User{B072D7BC-2443-4DCD-82A1-E7633AE2B739}D:\games\call of duty black ops ii\t6mp.exe" = protocol=6 | dir=in | app=d:\games\call of duty black ops ii\t6mp.exe |
"TCP Query User{C39A3E0E-B286-40E1-8691-75CFDA13AC69}C:\program files (x86)\activision\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackops.exe |
"TCP Query User{E21D0BCC-B49A-4752-9D93-94B0394BB1D3}C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe |
"UDP Query User{037BB2E6-2B20-460A-A647-A5B56F28636E}C:\program files (x86)\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world_of_tanks\wotlauncher.exe |
"UDP Query User{0DF6B13F-4002-40DB-86DC-0E8E9220CC75}C:\program files (x86)\activision\call of duty - black ops\blackopsmp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackopsmp.exe |
"UDP Query User{0F02A40B-CF76-41B9-B84A-AE753559EB96}C:\program files (x86)\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\the witcher 2\bin\witcher2.exe |
"UDP Query User{171ACB31-1699-45EE-A87A-48F0A3F29438}C:\program files (x86)\activision\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackops.exe |
"UDP Query User{26CEF566-6D32-45F2-AA09-78296EE894CB}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"UDP Query User{58B0D583-FB63-472D-B40F-E29807647CF2}D:\games\call of duty black ops ii\t6sp.exe" = protocol=17 | dir=in | app=d:\games\call of duty black ops ii\t6sp.exe |
"UDP Query User{7097F5C3-98E8-439E-9983-7E65BBEC4CC2}C:\program files (x86)\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world_of_tanks\worldoftanks.exe |
"UDP Query User{91D34E09-8487-4601-8E6E-F602E5E5A68A}D:\games\assassin's creed iii\ac3sp.exe" = protocol=17 | dir=in | app=d:\games\assassin's creed iii\ac3sp.exe |
"UDP Query User{954B626F-06F6-4428-B79A-93DEC3BAA952}D:\games\heroes & generals\live\hng.exe" = protocol=17 | dir=in | app=d:\games\heroes & generals\live\hng.exe |
"UDP Query User{98FA0FDF-92D8-4BE3-9A81-0D1D7B770B9A}C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe |
"UDP Query User{9D8C8C09-439B-4783-9CB0-228A5D4208A1}C:\program files (x86)\chivalry medieval warfare\binaries\win32\udk.exe" = protocol=17 | dir=in | app=c:\program files (x86)\chivalry medieval warfare\binaries\win32\udk.exe |
"UDP Query User{A33718A2-C2DF-40C4-8F9C-45AAF620EDFE}C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe |
"UDP Query User{B7536B62-80B1-4374-86C0-12D5ED400E1C}C:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe |
"UDP Query User{DF103BB2-14AF-4B2A-88DE-011B2AFEA902}D:\games\call of duty black ops ii\t6mp.exe" = protocol=17 | dir=in | app=d:\games\call of duty black ops ii\t6mp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 311.06
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}" = TP-LINK Wireless Client Utility
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018302}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018303}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018304}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018305}" = Fable III
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62C68336-B969-4097-B0BD-A3A0FBFD59C1}" = Mumble 1.2.3
"{68DED384-1F74-4AEE-8B8E-95AF15572FE3}" = Port Royale 3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72932C55-8C56-40E9-82C8-26CFC968EF81}_is1" = Drahyho Program 3.6
"{745D37C2-26F4-4B65-BA13-F9840EBFA75B}" = Might & Magic Heroes VI
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{989FB5FD-9B00-4B32-8663-849CB1370DD1}" = Google Drive
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}" = Assassin's Creed III 1.01
"{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1" = Convert AVI to MP4
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}" = Free DWG Viewer 7.1
"{BAF5914B-5730-4373-B038-9F436AC6A0D6}" = Rayman3
"{BCECC8FA-31AD-487A-A8C4-1C9C5454F9C6}_is1" = Mockba to Berlin
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C79A37F3-C076-48BE-B290-F4C8676ABD74}" = Samsung PC Studio 3
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™
"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.148
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}" = Quake Live Mozilla Plugin
"{FB0127F3-985B-44CE-AE29-378CAF60B361}" = Need for Speed™ Most Wanted
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"AbiWord2" = AbiWord 2.9.2
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Assassin's Creed III_R.G. Mechanics_is1" = Assassin's Creed III
"aTube Catcher" = aTube Catcher
"avast" = avast! Free Antivirus
"Call of Duty Black Ops II_is1" = Call of Duty Black Ops II
"Call of Duty BO2 MP_is1" = Call of Duty BO2 MP
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"DAEMON Tools Lite" = DAEMON Tools Lite
"EADM" = EA Download Manager
"Electronic Arts Game Updater" = Electronic Arts Game Updater
"FormatFactory" = FormatFactory 3.00
"Heroes & Generals" = Heroes & Generals
"ilividtoolbargaw" = Search-Results Toolbar
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.8.0 (Basic)
"Lightspark" = Lightspark 0.5.3-git
"Magic ISO Maker v5.4 (build 0239)" = Magic ISO Maker v5.4 (build 0239)
"MediaCoder" = MediaCoder 0.8.14
"MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.1.1.5
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MySSID_is1" = Vtune 7.14
"Need for Speed Most Wanted_is1" = Need for Speed Most Wanted
"NirSoft BlueScreenView" = NirSoft BlueScreenView
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"privitize" = toolbar
"Přijímací zkoušky na střední školy" = Přijímací zkoušky na střední školy
"PunkBusterSvc" = PunkBuster Services
"Q2FsbG9mSnVhcmV6R3Vuc2xpbmdlcg==_is1" = Call of Juarez Gunslinger (c) Ubisoft version 1
"R1JJRDI=_is1" = GRID 2 (c) Codemasters version 1
"Risen 2 Dark Waters_is1" = Risen 2 Dark Waters
"SP_4e24eecb" = Search Assistant WebSearch 1.74
"SP_f5d3e0aa" = SafeSaver 1.74
"StarCraft II" = StarCraft II
"SumatraPDF" = SumatraPDF
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The Elder Scrolls V Skyrim Dragonborn (c) Bethes~300CD4A2_is1" = The Elder Scrolls V Skyrim Dragonborn (c) Bethesda Softworks version 1
"The KMPlayer" = The KMPlayer (remove only)
"Torchlight II (c) Runic Games_is1" = Torchlight II (c) Runic Games version 1
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"World of Warcraft" = World of Warcraft

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1885314319-1773555036-2269745920-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"c8c75cfa6b8b223c" = Twinstar-Launcher
"Google Chrome" = Google Chrome
"HappyCloud" = Happy Cloud Client
"SeznamInstall" = Seznam Software

========== Last 20 Event Log Errors ==========

[ System Events ]
Error - 27.6.2013 12:58:18 | Computer Name = Skycom-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 27.6.2013 13:13:53 | Computer Name = Skycom-PC | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\StarOpen.SYS bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 27.6.2013 13:14:14 | Computer Name = Skycom-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: StarOpen

Error - 27.6.2013 13:16:15 | Computer Name = Skycom-PC | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 27.6.2013 13:16:15 | Computer Name = Skycom-PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069


< End of report >

OTL:

OTL logfile created on: 27.6.2013 19:32:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PC\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 58,08% Memory free
8,00 Gb Paging File | 5,87 Gb Available in Paging File | 73,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,13 Gb Total Space | 35,23 Gb Free Space | 7,95% Space Free | Partition Type: NTFS
Drive D: | 488,28 Gb Total Space | 269,34 Gb Free Space | 55,16% Space Free | Partition Type: NTFS
Drive E: | 3,92 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 10,95 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SKYCOM-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.06.27 19:30:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Downloads\OTL.exe
PRC - [2013.06.09 14:29:19 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.05.15 19:41:38 | 000,802,136 | ---- | M] (BitTorrent Inc.) -- C:\Program Files (x86)\uTorrent.exe
PRC - [2013.05.14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.05.09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
PRC - [2013.03.17 13:35:55 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.11.08 13:53:10 | 001,516,544 | ---- | M] (Home of Gamehacking) -- C:\Users\PC\AppData\Local\Temp\Rar$EX00.091\skyrimv1815107+32tr.exe
PRC - [2012.09.28 09:25:56 | 000,586,904 | ---- | M] (PandoraTV) -- C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
PRC - [2012.09.28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
PRC - [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010.10.22 15:20:14 | 002,158,592 | ---- | M] () -- C:\Program Files (x86)\Vtune\TBPANEL.exe


========== Modules (No Company Name) ==========

MOD - [2013.06.15 03:28:42 | 000,393,168 | ---- | M] () -- C:\Users\PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
MOD - [2013.06.15 03:28:41 | 013,140,432 | ---- | M] () -- C:\Users\PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
MOD - [2013.06.15 03:28:40 | 004,051,408 | ---- | M] () -- C:\Users\PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
MOD - [2013.06.15 03:27:51 | 000,599,504 | ---- | M] () -- C:\Users\PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\libglesv2.dll
MOD - [2013.06.15 03:27:50 | 000,124,368 | ---- | M] () -- C:\Users\PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\libegl.dll
MOD - [2013.06.15 03:27:48 | 001,597,392 | ---- | M] () -- C:\Users\PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll
MOD - [2013.05.08 11:00:25 | 000,474,112 | ---- | M] () -- C:\Program Files (x86)\Search Results Toolbar\Datamngr\apcrtldr.dll
MOD - [2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
MOD - [2013.03.29 13:37:34 | 000,059,384 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Seznam.cz\bin\533libfoxloader.dll
MOD - [2013.03.25 16:39:52 | 000,894,968 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
MOD - [2013.03.17 13:35:55 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2010.10.22 15:20:14 | 002,158,592 | ---- | M] () -- C:\Program Files (x86)\Vtune\TBPANEL.exe
MOD - [1998.10.31 05:55:56 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\Vtune\TBMANAGE.DLL


========== Services (SafeList) ==========

SRV:64bit: - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.06.12 17:31:19 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.06.09 14:29:19 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.06.07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.05.14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.04.19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.12.03 17:47:14 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.09.28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.06.27 08:04:10 | 001,030,440 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.06.27 08:04:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.05.09 10:59:07 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.05.09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.05.09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.05.09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.05.09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.05.09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.07.03 17:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.04.08 16:24:21 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.04.08 16:24:18 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.06 00:29:00 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.02.23 12:39:50 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2009.11.25 15:06:02 | 001,276,928 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009.11.19 15:06:43 | 000,158,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039unic.sys -- (s1039unic)
DRV:64bit: - [2009.11.19 15:06:43 | 000,137,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039obex.sys -- (s1039obex)
DRV:64bit: - [2009.11.19 15:06:43 | 000,034,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039nd5.sys -- (s1039nd5)
DRV:64bit: - [2009.11.19 15:06:41 | 000,141,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mgmt.sys -- (s1039mgmt)
DRV:64bit: - [2009.11.19 15:06:40 | 000,161,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mdm.sys -- (s1039mdm)
DRV:64bit: - [2009.11.19 15:06:39 | 000,019,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV:64bit: - [2009.11.19 15:06:38 | 000,127,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039bus.sys -- (s1039bus)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006.07.24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=NP01DF& ... -SearchBox
IE - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000\..\SearchScopes\{506FAB61-D107-457F-8706-509AA4B93054}: "URL" = http://www.google.cz/search?q={searchTe ... {startPage}
IE - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000\..\SearchScopes\{D3811589-E978-489E-B665-390F9B583135}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000\..\SearchScopes\{FCFD5367-8D55-4F5B-B354-472E34D3C360}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
IE - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@live.heroesandgenerals.com/npretox: D:\Games\Heroes & Generals\live\npretoxlive.dll (Reto-Moto ApS)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1: C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\PC\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\PC\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\thehappycloud.com/HappyCloudPlugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013.06.16 11:50:01 | 000,000,000 | ---D | M]

[2012.10.14 00:36:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2012.10.14 00:35:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions
[2012.10.14 00:35:24 | 000,189,644 | ---- | M] () (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\0\extensions\onlinehdtv@onlinehd.tv.xpi
[2012.07.31 13:59:18 | 000,221,380 | ---- | M] () (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\extensions\gophoto@gophoto.it.xpi
[2012.03.30 16:06:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.10.28 18:57:19 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.03.26 08:34:16 | 000,001,425 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Cetrumcz_igeared.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\PC\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: Happy Cloud Plugin (Enabled) = C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Heroes & Generals live (Enabled) = D:\Games\Heroes & Generals\live\npretoxlive.dll

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O4 - HKLM..\Run: [4StoryPrePatch] D:\Games\4Story_CZ\PrePatch.exe File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000..\Run: [cz.seznam.software.autoupdate] C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000..\Run: [cz.seznam.software.szndesktop] C:\Users\PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe ()
O4 - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000..\Run: [StickyPassword] "C:\Program Files (x86)\Sticky Password\stpass.exe" /autorunned File not found
O4 - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000..\Run: [TBPanel] C:\Program Files (x86)\Vtune\TBPanel.exe ()
O4 - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.21.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.19.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4EA0775B-8FA8-4F1F-8A52-5BDE00662118}: DhcpNameServer = 192.168.19.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{56E8AD90-DBE3-4EF4-AA12-DAD55808CD2B}: DhcpNameServer = 192.168.1.254 10.2.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{933D9779-53DC-4163-808F-D2AE89E9450C}: DhcpNameServer = 192.168.19.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCF8F3F8-BF14-45F2-9E2B-6DE63E494DCC}: DhcpNameServer = 192.168.19.1 192.168.0.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~3\Wincert\WIN64C~1.DLL) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.02.25 18:24:44 | 000,000,051 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{87a827df-2f98-11e0-97e8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{87a827df-2f98-11e0-97e8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Install.exe -- [2004.10.21 19:38:02 | 000,126,976 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{8a034dd0-3082-11e0-8984-0025227d8c72}\Shell - "" = AutoRun
O33 - MountPoints2\{8a034dd0-3082-11e0-8984-0025227d8c72}\Shell\AutoRun\command - "" = F:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\apcrtldr.dll) - C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\apcrtldr.dll ()
O36 - AppCertDlls: x86 - (C:\Program Files (x86)\Search Results Toolbar\Datamngr\apcrtldr.dll) - C:\Program Files (x86)\Search Results Toolbar\Datamngr\apcrtldr.dll ()
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.06.27 17:55:06 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.06.27 17:54:56 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.27 09:04:29 | 000,000,000 | ---D | C] -- C:\ProgramData\StarApp
[2013.06.27 08:36:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\EZDownloader
[2013.06.27 08:22:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebSearch
[2013.06.27 08:22:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SafeSaver
[2013.06.26 12:56:39 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO
[2013.06.26 12:56:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicISO
[2013.06.26 08:07:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
[2013.06.26 02:05:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2013.06.25 23:32:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Search Results Toolbar
[2013.06.25 10:23:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Application Data
[2013.06.25 10:23:41 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\WebPlayer
[2013.06.23 22:12:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightspark 0.5.3-git
[2013.06.23 22:12:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lightspark 0.5.3-git
[2013.06.23 22:12:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seznam.cz
[2013.06.23 22:12:24 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Seznam.cz
[2013.06.23 21:30:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013.06.23 21:30:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2013.06.23 21:03:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty BO2 MP
[2013.05.15 19:41:18 | 000,802,136 | ---- | C] (BitTorrent Inc.) -- C:\Program Files (x86)\uTorrent.exe
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.06.27 19:36:49 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.06.27 19:31:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.27 19:23:01 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1885314319-1773555036-2269745920-1000UA.job
[2013.06.27 19:21:22 | 000,015,328 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.27 19:21:22 | 000,015,328 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.27 19:14:38 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.27 19:14:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.27 19:13:56 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.27 19:12:37 | 000,000,207 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.06.27 19:09:04 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.27 10:23:02 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1885314319-1773555036-2269745920-1000Core.job
[2013.06.27 10:01:41 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.06.27 10:01:41 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.06.27 08:04:10 | 001,030,440 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.06.27 08:04:10 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.06.27 08:04:10 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013.06.27 08:04:10 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013.06.26 21:33:46 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.06.26 13:07:19 | 3165,253,630 | ---- | M] () -- C:\Users\PC\Desktop\yxcyc.iso
[2013.06.26 12:56:40 | 000,001,803 | ---- | M] () -- C:\Users\PC\Desktop\MagicISO.lnk
[2013.06.24 08:41:08 | 001,605,296 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.24 08:41:08 | 000,675,262 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.06.24 08:41:08 | 000,661,080 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.24 08:41:08 | 000,145,216 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.06.24 08:41:08 | 000,125,270 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.23 21:31:04 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2013.06.23 21:03:36 | 000,000,405 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty BO2 MP .lnk
[2013.06.22 15:34:40 | 000,001,205 | ---- | M] () -- C:\Users\PC\Desktop\CoJGunslinger – zástupce.lnk
[2013.06.21 12:27:30 | 000,002,354 | ---- | M] () -- C:\Users\PC\Desktop\Google Chrome.lnk
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.06.27 19:36:49 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.06.27 19:12:27 | 000,000,207 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013.06.27 08:04:10 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013.06.27 08:04:10 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013.06.26 13:01:04 | 3165,253,630 | ---- | C] () -- C:\Users\PC\Desktop\yxcyc.iso
[2013.06.26 12:56:40 | 000,001,803 | ---- | C] () -- C:\Users\PC\Desktop\MagicISO.lnk
[2013.06.23 21:31:04 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013.06.23 21:03:36 | 000,000,405 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty BO2 MP .lnk
[2013.06.22 15:34:42 | 000,001,205 | ---- | C] () -- C:\Users\PC\Desktop\CoJGunslinger – zástupce.lnk
[2013.06.09 14:29:22 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.06.09 14:29:19 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.01.27 13:28:57 | 000,000,090 | ---- | C] () -- C:\Users\PC\AppData\Local\fusioncache.dat
[2012.11.05 17:11:08 | 001,629,210 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.06.17 22:01:48 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2012.06.17 21:41:44 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2012.05.20 00:00:03 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.10.14 16:13:15 | 000,002,341 | ---- | C] () -- C:\Users\PC\AppData\Local\SRDownloader(2).err
[2011.10.14 16:09:07 | 000,000,920 | ---- | C] () -- C:\Users\PC\AppData\Local\SRDownloader(2).nast
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.07.01 10:18:21 | 000,000,888 | ---- | C] () -- C:\Users\PC\AppData\Local\SRDownloader(1).nast
[2011.03.21 20:26:55 | 000,026,912 | ---- | C] () -- C:\Users\PC\AppData\Local\SRDownloader.nast
[2011.03.21 20:26:48 | 000,000,449 | ---- | C] () -- C:\Users\PC\AppData\Local\SRDownloader.err
[2011.02.22 19:55:50 | 000,012,288 | ---- | C] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.16 14:06:14 | 000,007,605 | ---- | C] () -- C:\Users\PC\AppData\Local\Resmon.ResmonCfg
[2011.02.05 19:55:32 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.06.02 14:21:28 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\AbiSuite
[2012.11.24 01:47:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Assassin's Creed III
[2012.11.08 17:34:52 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Broad Intelligence
[2012.06.13 16:14:52 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
[2013.06.05 21:06:05 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\DownLite
[2013.06.27 08:36:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\EZDownloader
[2011.02.05 00:46:47 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GHISLER
[2013.04.04 18:41:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\IGC
[2013.03.29 19:05:05 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Kalypso Media
[2011.07.09 21:18:39 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Lionhead Studios
[2013.03.17 18:18:28 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\LolClient
[2013.05.05 11:28:39 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Might & Magic Heroes VI
[2011.05.04 16:58:54 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Mount&Blade With Fire and Sword
[2013.02.03 23:01:00 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Mumble
[2011.03.23 16:37:28 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\PunkBuster
[2011.02.06 00:39:08 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Q-Dir
[2013.06.27 19:20:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Seznam.cz
[2012.01.07 23:03:22 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\SumatraPDF
[2011.03.27 12:47:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\The Creative Assembly
[2012.11.24 01:48:45 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Theta
[2012.11.18 14:41:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TS3Client
[2012.02.28 19:53:28 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\twinstar_launcher
[2011.05.03 20:12:58 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Ubisoft
[2013.06.27 19:46:03 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\uTorrent
[2012.08.05 23:14:01 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\wargaming.net

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,524 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.09.20 16:30:07 | 000,000,898 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1885314319-1773555036-2269745920-1000Core.job
[2011.09.20 16:30:08 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1885314319-1773555036-2269745920-1000UA.job
[2012.04.03 22:41:26 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.06.16 11:59:14 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.06.16 11:59:15 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011.06.21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[20 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[29 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[4 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[2380 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.06.02 14:21:28 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\AbiSuite
[2011.03.02 17:54:37 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Adobe
[2011.09.24 21:11:15 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Apple Computer
[2012.11.24 01:47:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Assassin's Creed III
[2012.11.08 17:34:52 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Broad Intelligence
[2012.06.13 16:14:52 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
[2013.06.05 21:06:05 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\DownLite
[2013.06.27 08:36:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\EZDownloader
[2011.02.05 00:46:47 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GHISLER
[2011.02.03 15:30:09 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Identities
[2013.04.04 18:41:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\IGC
[2013.03.29 19:05:05 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Kalypso Media
[2011.07.09 21:18:39 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Lionhead Studios
[2013.03.17 18:18:28 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\LolClient
[2011.02.04 18:51:35 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Macromedia
[2012.03.12 20:55:22 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Malwarebytes
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Media Center Programs
[2012.03.30 14:37:14 | 000,000,000 | --SD | M] -- C:\Users\PC\AppData\Roaming\Microsoft
[2013.05.05 11:28:39 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Might & Magic Heroes VI
[2011.05.04 16:58:54 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Mount&Blade With Fire and Sword
[2012.10.14 00:35:24 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Mozilla
[2013.02.03 23:01:00 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Mumble
[2012.01.22 12:03:38 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\NVIDIA
[2011.03.23 16:37:28 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\PunkBuster
[2011.02.06 00:39:08 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Q-Dir
[2013.06.27 19:20:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Seznam.cz
[2013.06.27 15:45:06 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Skype
[2011.11.08 17:04:56 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\skypePM
[2012.01.07 23:03:22 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\SumatraPDF
[2011.03.27 12:47:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\The Creative Assembly
[2012.11.24 01:48:45 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Theta
[2012.11.18 14:41:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TS3Client
[2012.02.28 19:53:28 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\twinstar_launcher
[2011.05.03 20:12:58 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Ubisoft
[2013.06.27 20:11:29 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\uTorrent
[2011.12.19 16:04:12 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\vlc
[2012.08.05 23:14:01 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\wargaming.net
[2011.02.06 00:42:47 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2012.11.24 01:34:24 | 001,028,460 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Assassin's Creed III\Uninstall\unins000.exe
[2011.02.17 23:46:25 | 000,835,440 | R--- | M] () -- C:\Users\PC\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
[2013.05.16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.29 12:53:34 | 000,045,560 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013.04.12 10:10:22 | 000,092,664 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013.04.16 13:52:34 | 000,055,808 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Seznam.cz\data\ffinstall\ffkill.exe
[2011.12.19 11:04:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\Seznam.cz\data\ffinstall\reg.exe
[2013.04.16 13:52:36 | 000,077,824 | ---- | M] () -- C:\Users\PC\AppData\Roaming\Seznam.cz\data\ffinstall\regctrl.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2013.06.08 13:40:01 | 013,760,512 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2013.06.27 19:31:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.06.27 19:14:38 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.06.27 20:09:17 | 000,000,944 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.06.27 10:23:02 | 000,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1885314319-1773555036-2269745920-1000Core.job
[2013.06.27 19:23:01 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1885314319-1773555036-2269745920-1000UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2013.06.08 13:40:01 | 013,760,512 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.06.26 21:33:46 | 000,281,688 | ---- | M] () -- C:\Windows\system32\PnkBstrB.ex0
[2013.06.27 10:01:41 | 000,281,688 | ---- | M] () -- C:\Windows\system32\PnkBstrB.exe
[2013.06.27 10:01:41 | 000,281,688 | ---- | M] () -- C:\Windows\system32\PnkBstrB.xtr
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"TBPanel" = C:\Program Files (x86)\Vtune\TBPanel.exe /A -- [2010.10.22 15:20:14 | 002,158,592 | ---- | M] ()
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd)
"Google Update" = "C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.09.20 16:30:05 | 000,136,176 | ---- | M] (Google Inc.)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.04.19 15:19:04 | 018,678,376 | R--- | M] (Skype Technologies S.A.)
"Pando Media Booster" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe -- [2013.03.17 13:35:55 | 003,093,624 | ---- | M] ()
"StickyPassword" = "C:\Program Files (x86)\Sticky Password\stpass.exe" /autorunned
"uTorrent" = "C:\Program Files (x86)\uTorrent.exe" /MINIMIZED -- [2013.05.15 19:41:38 | 000,802,136 | ---- | M] (BitTorrent Inc.)
"Steam" = "C:\Program Files (x86)\Steam\Steam.exe" -silent -- [2013.06.07 00:06:24 | 001,641,896 | ---- | M] (Valve Corporation)
"cz.seznam.software.autoupdate" = "C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe" -c -- [2013.05.16 15:25:04 | 001,062,472 | ---- | M] ()
"cz.seznam.software.szndesktop" = "C:\Users\PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -- [2013.04.12 10:10:22 | 000,092,664 | ---- | M] ()

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.05.17 04:32:12 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=07DFD28E57879554D054464EE4A5662D -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.06.27 19:36:49 | 000,000,512 | ---- | M] () MD5=E676914E466327CA7B9A0B3D81236F40 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010.11.09 09:49:48 | 040,868,256 | ---- | M] () -- \Program Files (x86)\Activision\Call of Duty - Black Ops\zone\Common\mp_cracked.ff
[2010.11.09 09:49:48 | 000,019,296 | ---- | M] () -- \Program Files (x86)\Activision\Call of Duty - Black Ops\zone\English\en_mp_cracked.ff
[2010.02.15 12:51:58 | 000,000,149 | R--- | M] () -- \Program Files (x86)\Electronic Arts\SHIFT 2 UNLEASHED\GUI\glass_cracks.bspr
[2012.06.26 16:31:50 | 000,001,746 | ---- | M] () -- \Program Files (x86)\The Elder Scrolls V Skyrim\The.Elder.Scrolls.V.Skyrim.v1.6.89.0.6.Update.9.CRACKED-P2P.nfo
[2012.11.16 20:19:55 | 016,372,576 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay_Cracked.exe
[2006.01.10 01:00:00 | 000,087,536 | ---- | M] () -- \Program Files\Mockba to Berlin\Gfx\Decals\decal_roadcrack_01.dds
[2006.01.10 01:00:00 | 000,087,536 | ---- | M] () -- \Program Files\Mockba to Berlin\Gfx\Decals\decal_roadcrack_02.dds
[2006.01.10 01:00:00 | 000,001,120 | ---- | M] () -- \Program Files\Mockba to Berlin\Inf\Bases\decal_roadcrack_01.base
[2006.01.10 01:00:00 | 000,001,121 | ---- | M] () -- \Program Files\Mockba to Berlin\Inf\Bases\decal_roadcrack_02.base
[2010.11.09 09:49:48 | 040,868,256 | ---- | M] () -- \Users\PC\AppData\Local\VirtualStore\Program Files (x86)\Activision\Call of Duty - Black Ops\zone\Common\mp_cracked.ff
[2010.11.09 09:49:48 | 000,019,296 | ---- | M] () -- \Users\PC\AppData\Local\VirtualStore\Program Files (x86)\Activision\Call of Duty - Black Ops\zone\English\en_mp_cracked.ff
[2013.06.26 07:58:35 | 000,001,278 | ---- | M] () -- \Users\PC\AppData\Roaming\Microsoft\Windows\Recent\SKIDROWCRACK.COM.lnk
[2011.05.14 21:12:09 | 031,995,306 | ---- | M] () -- \Users\PC\Desktop\Moje\Hry\Cracky,češtiny,trainery\Crysis 2 Crack.rar
[2011.05.27 17:20:54 | 008,738,842 | ---- | M] () -- \Users\PC\Desktop\Moje\Hry\Cracky,češtiny,trainery\the-witcher-2-assassins-of-kings-crack-fix-skidrow.rar
[2012.10.14 00:02:18 | 000,044,362 | ---- | M] () -- \Users\PC\Downloads\crack-babies-1-500x375.jpg
[2012.10.14 00:34:58 | 000,232,120 | ---- | M] () -- \Users\PC\Downloads\Dishonored_Incl_Fixed_Crack-3DM.exe
[2013.06.26 00:43:39 | 000,000,032 | R--- | M] () -- \Users\PC\Downloads\Company of Heroes 2\SKIDROWCRACK.COM.txt
[2013.06.26 00:43:40 | 000,000,113 | R--- | M] () -- \Users\PC\Downloads\Company of Heroes 2\SKIDROWCRACK.COM.url
[2013.06.26 05:10:53 | 000,000,032 | R--- | M] () -- \Users\PC\Downloads\Company of Heroes 2\licences\SKIDROWCRACK.COM.txt
[2013.06.26 05:10:53 | 000,000,113 | R--- | M] () -- \Users\PC\Downloads\Company of Heroes 2\licences\SKIDROWCRACK.COM.url
[2013.06.26 03:19:47 | 000,000,032 | R--- | M] () -- \Users\PC\Downloads\Company of Heroes 2\redist\SKIDROWCRACK.COM.txt
[2013.06.26 03:19:47 | 000,000,113 | R--- | M] () -- \Users\PC\Downloads\Company of Heroes 2\redist\SKIDROWCRACK.COM.url

< *keygen* /s >

< *loader* /s >
[2012.03.08 19:17:59 | 000,000,194 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2011.02.03 06:32:41 | 000,057,856 | ---- | M] () -- \Program Files (x86)\Dragon Age 2\bin_ship\physxloader.dll
[2008.12.06 18:13:52 | 000,001,070 | ---- | M] () -- \Program Files (x86)\MediaCoder\extensions\_include\loader.html
[2012.11.01 10:32:14 | 000,057,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.11.01 10:32:44 | 000,065,416 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012.09.05 00:34:12 | 000,083,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012.09.05 00:34:12 | 000,088,968 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2007.04.03 11:05:20 | 000,018,944 | ---- | M] () -- \Program Files (x86)\Samsung\Samsung PC Studio 3\CMLoader.dll
[2013.01.09 12:41:56 | 000,030,608 | ---- | M] () -- \Program Files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2011.07.03 12:03:47 | 000,138,582 | ---- | M] () -- \Program Files (x86)\StarCraft II\Logs\Downloader.log
[2011.07.03 12:07:02 | 000,794,112 | ---- | M] () -- \Program Files (x86)\StarCraft II\Support\BlizzardDownloader.exe
[2012.03.15 23:18:45 | 000,132,096 | ---- | M] () -- \Program Files (x86)\The Elder Scrolls V Skyrim\skse_loader.exe
[2012.03.15 23:18:32 | 000,093,184 | ---- | M] () -- \Program Files (x86)\The Elder Scrolls V Skyrim\skse_steam_loader.dll
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2011.04.22 03:03:50 | 000,022,574 | R--- | M] () -- \Program Files (x86)\The Witcher 2\CookedPC\globals\gui\loadingscreens\loader.swf
[2011.02.17 17:50:18 | 000,234,104 | ---- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ubiorbitapi_r2_loader.dll
[2011.11.29 12:59:18 | 000,228,864 | ---- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ubiorbitapi_r2_loader.dll
[2011.10.30 08:10:24 | 000,169,080 | ---- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed Revelations\uplay_r1_loader.dll
[2011.09.02 17:51:51 | 000,228,352 | R--- | M] () -- \Program Files (x86)\Ubisoft\Might & Magic Heroes VI\ubiorbitapi_r2_loader.dll
[2011.08.24 17:15:10 | 000,002,134 | ---- | M] () -- \Program Files (x86)\Ubisoft\Might & Magic Heroes VI\Data\html\dynapi\examples\dynapi.functions.imageloader.html
[2012.11.19 01:06:50 | 000,329,056 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2_loader.dll
[2012.11.19 01:06:52 | 000,293,376 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\uplay_r1_loader.dll
[2012.07.25 17:55:50 | 000,071,208 | ---- | M] () -- \Program Files (x86)\World_of_Tanks\PhysXLoader.dll
[2013.02.26 18:36:29 | 000,003,668 | ---- | M] () -- \Program Files (x86)\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2013.06.12 13:05:20 | 000,006,463 | ---- | M] () -- \Program Files (x86)\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2010.03.15 12:27:20 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.03.08 19:39:29 | 001,077,904 | ---- | M] () -- \Program Files\World of Warcraft\BackgroundDownloader.exe
[2012.03.08 19:36:25 | 000,003,026 | ---- | M] () -- \Program Files\World of Warcraft\Data\enUS\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2012.03.08 19:36:25 | 000,004,261 | ---- | M] () -- \Program Files\World of Warcraft\Data\enUS\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2010.10.10 09:58:20 | 000,000,381 | ---- | M] () -- \Program Files\World of Warcraft\Interface\Addons\Prat-3.0\pullouts\Prat-3.0_Loader\Prat-3.0_Loader.toc
[2011.07.03 12:06:59 | 002,639,424 | ---- | M] () -- \ProgramData\Blizzard Entertainment\StarCraft II\patched\Support\BlizzardDownloader.exe
[2013.01.14 12:19:08 | 000,622,488 | ---- | M] () -- \ProgramData\HappyCloud\Application\HCLOTROLoader.exe
[2013.01.03 14:34:48 | 000,273,053 | ---- | M] () -- \ProgramData\HappyCloud\Application\HCLOTROLoader.ico
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2011.07.03 12:06:59 | 002,639,424 | ---- | M] () -- \Users\All Users\Blizzard Entertainment\StarCraft II\patched\Support\BlizzardDownloader.exe
[2013.01.14 12:19:08 | 000,622,488 | ---- | M] () -- \Users\All Users\HappyCloud\Application\HCLOTROLoader.exe
[2013.01.03 14:34:48 | 000,273,053 | ---- | M] () -- \Users\All Users\HappyCloud\Application\HCLOTROLoader.ico
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2011.07.01 10:20:28 | 000,000,888 | ---- | M] () -- \Users\PC\AppData\Local\SRDownloader(1).nast
[2011.10.17 14:35:42 | 000,002,341 | ---- | M] () -- \Users\PC\AppData\Local\SRDownloader(2).err
[2011.10.28 17:18:50 | 000,000,920 | ---- | M] () -- \Users\PC\AppData\Local\SRDownloader(2).nast
[2011.03.21 20:26:52 | 000,000,449 | ---- | M] () -- \Users\PC\AppData\Local\SRDownloader.err
[2011.03.21 20:26:56 | 000,026,912 | ---- | M] () -- \Users\PC\AppData\Local\SRDownloader.nast
[2013.05.18 14:45:12 | 000,000,753 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\20WG0ETL\AdLoader[1].htm
[2013.05.19 18:38:22 | 000,000,374 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\20WG0ETL\queryLoader[1].css
[2013.06.23 22:12:38 | 000,031,516 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8TCSW1VU\cz.seznam.software.libfoxloader-3.1.2-win32[1].zip
[2013.06.06 21:28:50 | 000,000,374 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DHALOS1A\queryLoader[1].css
[2013.06.06 21:28:55 | 000,005,708 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DHALOS1A\queryLoader[1].js
[2013.06.20 21:23:41 | 000,005,708 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DHALOS1A\queryLoader[2].js
[2013.06.27 08:21:35 | 001,722,581 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQZHBQ7W\ezdownloader[1].exe
[2013.05.18 14:45:12 | 000,105,903 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGRU5ESZ\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.05.19 18:38:22 | 000,005,708 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGRU5ESZ\queryLoader[1].js
[2013.06.20 21:23:40 | 000,000,374 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GW5O3TVS\queryLoader[1].css
[2013.04.13 19:34:28 | 000,005,884 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O097CW3Q\universaldownloader-prefetch[1].txt
[2012.08.26 14:23:55 | 000,335,990 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3A7XX2QE\audiouploader[1].swf
[2012.09.02 14:16:36 | 000,000,692 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3A7XX2QE\favaudioloader_cz_CZ[1].xml
[2012.08.12 22:23:56 | 000,000,660 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3A7XX2QE\ImageLoader_Langcz_CZ[1].xml
[2012.09.01 21:55:21 | 000,000,660 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3A7XX2QE\ImageLoader_Langcz_CZ[2].xml
[2012.08.14 19:45:03 | 000,017,912 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9J8OF5DJ\chatpreloader[1].swf
[2012.08.17 23:49:40 | 000,026,307 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9J8OF5DJ\preloader[1].swf
[2012.08.26 14:34:24 | 000,017,912 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QW8FGYKQ\chatpreloader[1].swf
[2012.09.01 20:16:39 | 000,017,912 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QW8FGYKQ\chatpreloader[2].swf
[2012.08.26 14:23:55 | 000,000,692 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QW8FGYKQ\favaudioloader_cz_CZ[1].xml
[2012.08.12 22:23:54 | 000,026,307 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QW8FGYKQ\preloader[1].swf
[2012.09.01 21:55:19 | 000,026,307 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QW8FGYKQ\preloader[2].swf
[2012.09.02 14:16:35 | 000,335,990 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W0IXLTBV\audiouploader[1].swf
[2012.08.09 14:02:44 | 000,017,912 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W0IXLTBV\chatpreloader[1].swf
[2012.08.12 22:23:56 | 000,236,550 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W0IXLTBV\ImageLoader[1].swf
[2012.09.01 21:55:21 | 000,236,550 | ---- | M] () -- \Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W0IXLTBV\ImageLoader[2].swf
[2013.06.27 08:21:36 | 001,722,581 | ---- | M] () -- \Users\PC\AppData\Local\Temp\{4E97A61F-A05C-4051-A2BA-E87E957484E9}\Addons\EzDownloader_setup.exe
[2012.08.02 12:19:57 | 000,010,519 | ---- | M] () -- \Users\PC\AppData\Local\Temp\Temporary Internet Files\Content.IE5\1386C3HG\AdLoader-aee74f28845638b42a47bb02dc06a7c6.min[1].js
[2012.08.05 23:52:12 | 000,000,652 | ---- | M] () -- \Users\PC\AppData\Local\Temp\Temporary Internet Files\Content.IE5\1386C3HG\AdLoader[1].htm
[2011.04.15 16:29:28 | 000,000,118 | ---- | M] () -- \Users\PC\AppData\Local\VirtualStore\Program Files (x86)\DiRT 3\audio\audio_loader.xml
[2013.04.15 13:32:10 | 000,060,416 | ---- | M] () -- \Users\PC\AppData\Roaming\Seznam.cz\bin\533libfoxloader-x64.dll
[2013.03.29 13:37:34 | 000,059,384 | ---- | M] () -- \Users\PC\AppData\Roaming\Seznam.cz\bin\533libfoxloader.dll
[2013.06.23 22:12:46 | 000,000,163 | ---- | M] () -- \Users\PC\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.01.09 12:41:56 | 000,030,608 | ---- | M] () -- \Users\PC\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.03.25 16:27:20 | 000,000,665 | ---- | M] () -- \Users\PC\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013.03.25 16:27:26 | 000,000,117 | ---- | M] () -- \Users\PC\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2012.11.20 19:57:49 | 000,234,616 | ---- | M] () -- \Users\PC\Desktop\Moje\AC3\Assassins.Creed.3.v1.01.CrackOnly-THETA\ubiorbitapi_r2_loader.dll
[2012.11.20 19:57:58 | 000,003,584 | ---- | M] () -- \Users\PC\Desktop\Moje\AC3\Assassins.Creed.3.v1.01.CrackOnly-THETA\uplay_r1_loader.dll
[2011.07.01 10:18:05 | 000,997,376 | ---- | M] () -- \Users\PC\Downloads\SRDownloader(1).exe
[2011.10.17 14:36:04 | 000,903,680 | ---- | M] () -- \Users\PC\Downloads\SRDownloader(2).exe
[2011.03.21 20:25:32 | 000,995,328 | ---- | M] () -- \Users\PC\Downloads\SRDownloader.exe
[2011.11.05 12:47:01 | 000,002,114 | ---- | M] () -- \Users\PC\Sračky\MP3 Downloader.lnk
[2011.03.20 02:22:22 | 000,001,098 | ---- | M] () -- \Users\PC\Sračky\YouTube Downloader.lnk
[2011.02.11 21:49:04 | 002,705,537 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\wow-2.1.1.1897-enGB-tools-downloader.exe
[2012.03.08 19:17:56 | 002,705,537 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\wow-2.1.1.1897-enUS-tools-downloader.exe
[2010.11.20 12:09:38 | 000,004,290 | ---- | M] () -- \Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_73a52105efe44483.manifest
[2010.11.20 14:33:18 | 000,004,338 | ---- | M] () -- \Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6.manifest
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[4 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[4 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 08:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 17:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.06.24 13:00:09 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.06.24 13:00:09 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.06.24 13:00:09 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.06.24 13:00:09 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.06.24 13:00:09 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 13:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

Dovolim si otazku, ma cenu lecit PC, ktere si uzivatel s prominutim zaliska hned vlastni blbosti zpatky diky crackum\keygenum a podobnym "dobrotami" Nehlede na porusovani autorskeho zakona

Zdravím, počítač patří synovi který přišel s tím že mu špatně funguje. O stahovaní her z internetu jsem nevěděl a takhle to vypadá že mu to patří ale tento PC nebyl levný a proto bych byl moc rád pokud by byla nějaká možnost jak ho vyléčit.

Tak synovi vysvetlete, ze hry se nekradou, jinak misto na drahy PC budete setrit na mnohatisicove pokuty za porusovani zakona

Odinstalujte PANDORA.TV

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  SRV - [2012.09.28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
  IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=NP01DF&PC=NP01&q={searchTerms}&src=IE-SearchBox
  IE - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000\..\SearchScopes\{506FAB61-D107-457F-8706-509AA4B93054}: "URL" = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
  IE - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000\..\SearchScopes\{D3811589-E978-489E-B665-390F9B583135}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
  IE - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000\..\SearchScopes\{FCFD5367-8D55-4F5B-B354-472E34D3C360}: "URL" = http://search.centrum.cz/index.php?q={searchTerms}&toolbar=centrum-1.0.0
  O3 - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
  O3 - HKU\S-1-5-21-1885314319-1773555036-2269745920-1000\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
  O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  O1364bit: - gopher Prefix: missing
  O13 - gopher Prefix: missing
  O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
  O18 - Protocol\Handler\gopher - No CLSID value found
  O20:64bit: - AppInit_DLLs: (C:\PROGRA~3\Wincert\WIN64C~1.DLL) - File not found
  O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  O36 - AppCertDlls: x64 - (C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\apcrtldr.dll) - C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\apcrtldr.dll ()
  O36 - AppCertDlls: x86 - (C:\Program Files (x86)\Search Results Toolbar\Datamngr\apcrtldr.dll) - C:\Program Files (x86)\Search Results Toolbar\Datamngr\apcrtldr.dll ()
  [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  [8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [20 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
  [29 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
  [4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
  [4 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
  [2013.06.27 19:31:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
  [2013.06.27 19:14:38 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  [2013.06.27 20:09:17 | 000,000,944 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  [2013.06.27 10:23:02 | 000,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1885314319-1773555036-2269745920-1000Core.job
  [2013.06.27 19:23:01 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1885314319-1773555036-2269745920-1000UA.job
  
  :reg
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "DAEMON Tools Lite"=-
  "Google Update"=-
  "Skype"=-
  "Pando Media Booster"=-
  "uTorrent"=-
  "Steam"=-
  "WebCake Desktop"=-
  "cz.seznam.software.autoupdate"=-
  "cz.seznam.software.szndesktop"=-
  [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
  "SunJavaUpdateSched"=-
  "4StoryPrePatch"=-
  "seznam-listicka-distribuce"=-
  "DATAMNGR"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  "AppInit_DLLs"=""
  
  :files
  C:\Program Files (x86)\Search Results Toolbar
  C:\Program Files (x86)\PANDORA.TV
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

All processes killed
========== OTL ==========
Error: No service named PanService was found to stop!
Service\Driver key PanService not found.
File C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1885314319-1773555036-2269745920-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1885314319-1773555036-2269745920-1000\Software\Microsoft\Internet Explorer\SearchScopes\{506FAB61-D107-457F-8706-509AA4B93054}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{506FAB61-D107-457F-8706-509AA4B93054}\ not found.
Registry key HKEY_USERS\S-1-5-21-1885314319-1773555036-2269745920-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D3811589-E978-489E-B665-390F9B583135}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3811589-E978-489E-B665-390F9B583135}\ not found.
Registry key HKEY_USERS\S-1-5-21-1885314319-1773555036-2269745920-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FCFD5367-8D55-4F5B-B354-472E34D3C360}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCFD5367-8D55-4F5B-B354-472E34D3C360}\ not found.
Registry value HKEY_USERS\S-1-5-21-1885314319-1773555036-2269745920-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}\ not found.
Registry value HKEY_USERS\S-1-5-21-1885314319-1773555036-2269745920-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\gopher\ deleted successfully.
File Protocol\Handler\gopher - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~3\Wincert\WIN64C~1.DLL deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\apcrtldr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls\\x86 deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\apcrtldr.dll moved successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4827.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7D1B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8170.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB443.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBA49.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD1B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1BFF.tmp\System.Web.Extensions.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1BFF.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2D48.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3736.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP37DC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP39C0.tmp\napcrypt.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP39C0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3DB1.tmp\Mcx2Dvcs.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3DB1.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP600D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP79E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA331.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA877.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA949.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB4DD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC3D4.tmp\LoadMxf.exe deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC3D4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC8AC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCCB6.tmp\PaintDotNet.Data.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCCB6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD806.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEEE.tmp\System.Web.Extensions.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEEE.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFBCD.tmp folder deleted successfully.
C:\Windows\Installer\MSI4487.tmp deleted successfully.
C:\Windows\Installer\MSI735A.tmp deleted successfully.
C:\Windows\Installer\MSI781C.tmp deleted successfully.
C:\Windows\Installer\MSI7926.tmp deleted successfully.
C:\Windows\Installer\MSI7AAD.tmp deleted successfully.
C:\Windows\Installer\MSI7BC7.tmp deleted successfully.
C:\Windows\Installer\MSI7CB2.tmp deleted successfully.
C:\Windows\Installer\MSI7D7E.tmp deleted successfully.
C:\Windows\Installer\MSI7E69.tmp deleted successfully.
C:\Windows\Installer\MSI7F54.tmp deleted successfully.
C:\Windows\Installer\MSI803F.tmp deleted successfully.
C:\Windows\Installer\MSI8780.tmp deleted successfully.
C:\Windows\Installer\MSI88F8.tmp deleted successfully.
C:\Windows\Installer\MSI8ACD.tmp deleted successfully.
C:\Windows\Installer\MSI8BE7.tmp deleted successfully.
C:\Windows\Installer\MSI8CF1.tmp deleted successfully.
C:\Windows\Installer\MSI8E78.tmp deleted successfully.
C:\Windows\Installer\MSI8F82.tmp deleted successfully.
C:\Windows\Installer\MSI904E.tmp deleted successfully.
C:\Windows\Installer\MSI93A9.tmp deleted successfully.
C:\Windows\Installer\MSI94A3.tmp deleted successfully.
C:\Windows\Installer\MSI95FC.tmp deleted successfully.
C:\Windows\Installer\MSI96F6.tmp deleted successfully.
C:\Windows\Installer\MSI9986.tmp deleted successfully.
C:\Windows\Installer\MSI9A91.tmp deleted successfully.
C:\Windows\Installer\MSIC236.tmp deleted successfully.
C:\Windows\Installer\MSIDD89.tmp deleted successfully.
C:\Windows\Installer\MSIE584.tmp deleted successfully.
C:\Windows\Installer\MSIEEDE.tmp deleted successfully.
C:\Windows\System32\tmp8FD2.tmp deleted successfully.
C:\Windows\System32\tmp8FD3.tmp deleted successfully.
C:\Windows\System32\tmpA100.tmp deleted successfully.
C:\Windows\System32\tmpA278.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1885314319-1773555036-2269745920-1000Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1885314319-1773555036-2269745920-1000UA.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Pando Media Booster not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WebCake Desktop not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\4StoryPrePatch deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!
========== FILES ==========
C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64 folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr folder moved successfully.
C:\Program Files (x86)\Search Results Toolbar folder moved successfully.
C:\Program Files (x86)\PANDORA.TV\PanService folder moved successfully.
C:\Program Files (x86)\PANDORA.TV folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: PC
->Temp folder emptied: 2187836779 bytes
->Temporary Internet Files folder emptied: 264256508 bytes
->Java cache emptied: 1 bytes
->Google Chrome cache emptied: 300242136 bytes
->Flash cache emptied: 92067 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 645543476 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42321202 bytes
RecycleBin emptied: 643176 bytes

Total Files Cleaned = 3 282,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: PC
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: PC
->Java cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 06282013_214239

Files\Folders moved on Reboot...
C:\Users\PC\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Napiste jak se chova PC

Zdá se že počítač funguje jak má. Mnohokrát děkuji za vaši pomoc.