VIRY.CZ

Logfile of random's system information tool 1.09 (written by random/random)
Run by David at 2013-11-16 17:56:33
Microsoft® Windows Vista™ Ultimate Service Pack 1
System drive C: has 59 GB (12%) free of 477 GB
Total RAM: 3070 MB (48% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DLL-Files.Com Fixer_MONTHLY.job
C:\Windows\tasks\DLL-Files.Com Fixer_Updates.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-493184601-2494964019-3008129617-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-493184601-2494964019-3008129617-1000UA.job
C:\Windows\tasks\User_Feed_Synchronization-{AD178CE2-18A5-4B81-9E5B-050DC52D39CE}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "DTToolbar@toolbarnet.com:1.0.0.5, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.5.3&q="

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Program Files\Real\RealPlayer\browserrecord
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}

C:\Program Files\Mozilla Firefox\components\
AskSearch.js
nppl3260.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeploytk.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
fcmdSrch.xml

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\
icq-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-30.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}]
4shared.com Toolbar - C:\Program Files\4shared.com\tb4sha.dll [2009-11-09 2331672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2010-05-22 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll [2010-10-26 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfre0.dll [2008-09-15 1784856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-03-18 1361208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]
{ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfre0.dll [2008-09-15 1784856]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-10-14 863688]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - 4shared.com Toolbar - C:\Program Files\4shared.com\tb4sha.dll [2009-11-09 2331672]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-03-18 1361208]
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - facemoods Toolbar - C:\Program Files\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll [2010-10-26 217088]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-04-05 1008184]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-06-25 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-06-25 92704]
"DelReg"=C:\Program Files\MSI\DualCoreCenter\DelReg.exe [2008-05-13 196608]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-02-13 4915200]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"36X Raid Configurer"=C:\Windows\system32\xRaidSetup.exe [2007-11-19 1970176]
"FightBoard"=C:\Program Files\REVOLTEC\FightBoard Advanced 1.00\FightBoard.exe [2006-11-27 2441216]
"NeroCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-22 149280]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-02-08 488984]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam10\QuickCam10.exe [2007-02-08 774168]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-01-21 92168]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2010-03-17 106496]
"SpywareTerminator"=C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe [2010-05-15 1722880]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-05-22 198160]
"facemoods"=C:\Program Files\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe [2010-10-26 323584]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2009-12-19 500208]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-04-05 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-12-22 306088]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-04-05 125952]
"Google Update"=C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-19 135664]
"4shared Desktop"=C:\Program Files\4shared Desktop\desktop.exe [2009-12-07 3632640]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2013-07-02 248208]
"ICQ"=~C:\Program Files\ICQ6\ICQ.exe silent []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-04-20 26192680]
"Clownfish"=C:\Program Files\Clownfish\Clownfish.exe [2011-10-10 936448]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe [2013-10-09 829832]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
DualCoreCenter.lnk - C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.I420"=lvcodec2.dll
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"vidc.tscc"=tsccvid.dll
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"VIDC.DIVX"=DivX.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=AC3ACM.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.FMVC"=fmcodec.dll

======List of files/folders created in the last 1 month======

2013-11-15 19:16:50 ----D---- C:\Program Files\Mozilla Firefox
2013-11-01 16:37:41 ----D---- C:\Program Files\Microsoft Synchronization Services
2013-11-01 16:37:37 ----D---- C:\Program Files\Common Files\DESIGNER
2013-11-01 16:36:43 ----D---- C:\Windows\PCHEALTH
2013-11-01 16:36:43 ----D---- C:\Program Files\Microsoft.NET
2013-11-01 16:36:43 ----D---- C:\Program Files\Microsoft Sync Framework
2013-11-01 16:36:43 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2013-11-01 16:35:00 ----D---- C:\Program Files\Microsoft Visual Studio 8
2013-11-01 16:32:47 ----D---- C:\Program Files\Microsoft Analysis Services
2013-11-01 16:31:40 ----D---- C:\ProgramData\Microsoft Help
2013-11-01 16:31:24 ----RHD---- C:\MSOCache
2013-10-17 20:56:46 ----A---- C:\Windows\system32\gcapi_dll.dll
2013-10-17 20:56:34 ----D---- C:\Users\David\AppData\Roaming\Foxit Software
2013-10-17 20:02:45 ----D---- C:\Users\David\AppData\Roaming\Rovio
2013-10-17 20:01:52 ----D---- C:\Program Files\Rovio
2013-10-17 08:34:28 ----D---- C:\Program Files\Atari

======List of files/folders modified in the last 1 month======

2013-11-16 17:56:34 ----D---- C:\Program Files\trend micro
2013-11-16 17:56:31 ----D---- C:\Windows\temp
2013-11-16 17:56:31 ----D---- C:\Windows\Prefetch
2013-11-16 17:49:17 ----D---- C:\Users\David\AppData\Roaming\Skype
2013-11-16 16:51:49 ----D---- C:\Windows\system32\catroot2
2013-11-16 16:51:47 ----SHD---- C:\System Volume Information
2013-11-16 16:03:36 ----D---- C:\Users\David\AppData\Roaming\skypePM
2013-11-16 15:16:43 ----D---- C:\Program Files\JDownloader2
2013-11-16 14:26:08 ----D---- C:\Windows\System32
2013-11-16 14:26:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-16 14:26:07 ----D---- C:\Windows\inf
2013-11-16 14:24:20 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-11-16 14:24:17 ----RD---- C:\Program Files
2013-11-16 14:23:55 ----D---- C:\Windows\system32\Tasks
2013-11-16 14:22:46 ----D---- C:\Users\David\AppData\Roaming\4shared Desktop
2013-11-09 14:22:14 ----D---- C:\Windows
2013-11-09 09:50:13 ----D---- C:\Users\David\AppData\Roaming\Media Player Classic
2013-11-09 09:22:19 ----D---- C:\Users\David\AppData\Roaming\Winamp
2013-11-01 17:43:54 ----D---- C:\Windows\Microsoft.NET
2013-11-01 17:43:53 ----RSD---- C:\Windows\assembly
2013-11-01 16:48:40 ----SD---- C:\Users\David\AppData\Roaming\Microsoft
2013-11-01 16:43:11 ----SHD---- C:\Windows\Installer
2013-11-01 16:41:37 ----D---- C:\Windows\winsxs
2013-11-01 16:39:45 ----RSD---- C:\Windows\Fonts
2013-11-01 16:39:28 ----D---- C:\Windows\ShellNew
2013-11-01 16:39:24 ----D---- C:\Program Files\Common Files\microsoft shared
2013-11-01 16:39:05 ----D---- C:\Program Files\MSBuild
2013-11-01 16:37:37 ----D---- C:\Program Files\Common Files
2013-11-01 16:36:45 ----D---- C:\Program Files\Microsoft Office
2013-11-01 16:36:43 ----SD---- C:\ProgramData\Microsoft
2013-11-01 16:33:51 ----A---- C:\Windows\win.ini
2013-11-01 16:33:43 ----D---- C:\Program Files\Common Files\System
2013-11-01 16:31:40 ----D---- C:\ProgramData
2013-11-01 15:30:14 ----D---- C:\Program Files\MSECache
2013-10-25 12:02:52 ----D---- C:\Windows\Logs
2013-10-24 12:03:51 ----D---- C:\Windows\system32\drivers
2013-10-17 10:23:24 ----D---- C:\ProgramData\Test Drive Unlimited

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys [2008-04-05 145464]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2007-11-26 72704]
R0 pe3anrqc;UAZ Racing 4x4 Environment Driver (pe3anrqc); C:\Windows\system32\drivers\pe3anrqc.sys [2007-11-09 65152]
R0 ps7anrqc;UAZ Racing 4x4 Synchronization Driver (ps7anrqc); C:\Windows\system32\drivers\ps7anrqc.sys [2007-11-09 68744]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-11-29 717296]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-07-19 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\ProgramData\Spyware Terminator\sp_rsdrv2.sys [2010-05-15 133120]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 185472]
R2 Aspi32;Aspi32; C:\Windows\System32\drivers\aspi32.sys [2009-10-11 16512]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-10-12 281760]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-10-12 25888]
R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2007-04-17 11032]
R2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [2006-12-21 90688]
R2 SentinelFilter;SentinelFilter; \??\C:\Program Files\JDownloader\downloads\SURFCAM\SURFCAM\crack\SENTINELFILTER.SYS [2006-11-10 256256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-02-14 2061528]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2007-02-06 25632]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-06-25 7468544]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-02-14 118784]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2009-01-13 19336]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2009-01-13 49160]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-04-05 83328]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
S0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-08-24 66560]
S3 a3xfat6p;a3xfat6p; C:\Windows\system32\drivers\a3xfat6p.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-04-05 5632]
S3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys [2008-02-27 28160]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2007-02-06 1691808]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-02-06 1964064]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-02-03 41504]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2010-04-29 38224]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-04-05 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-04-05 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-04-05 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-04-05 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2007-02-03 490784]
S3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files\MSI\DualCoreCenter\RushTop.sys [2008-05-15 56320]
S3 SAgentDriver;SAgent Driver; \??\C:\Program Files\SoftActivity\SKL\sagendrv.sys [2009-01-07 31088]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP1\WNt500x86\Sandra.sys [2008-10-31 22432]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 systormflb;REVOLTEC FightBoard Advanced; C:\Windows\system32\DRIVERS\systormflb.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-04-05 15872]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2008-04-05 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2009-01-13 29192]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2009-01-13 31240]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2009-01-13 14728]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-04-05 39936]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-04-05 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-04-05 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 LVPrcSrv;Process Monitor; c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe [2007-02-06 109344]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-06-25 118784]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-12-06 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2012-09-15 107832]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 Salsvc;Salsvc; C:\Program Files\SoftActivity\SKL\alsvc.exe [2009-02-17 38768]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2013-07-02 93072]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-02-06 105248]
S2 pr2anrqc;UAZ Racing 4x4 Drivers Auto Removal (pr2anrqc); C:\Windows\system32\pr2anrqc.exe [2007-11-09 411008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-27 34312]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-15 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP1\RpcAgentSrv.exe [2008-11-03 98488]

-----------------EOF-----------------

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Zdravim

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows Vista (TM) Ultimate x86
Ran by David on so 16.11.2013 at 22:19:12,72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-493184601-2494964019-3008129617-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041D03E-FD4B-44E0-B742-2D9B88305F98}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\winamp toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-493184601-2494964019-3008129617-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\winamp toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dttoolbar.toolbandobj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dttoolbar.toolbandobj.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\escort.escrtbtn.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.escrtsrvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.escrtsrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.dskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.dskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.facemoodshlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.facemoodshlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.xtrnl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.xtrnl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoodsapp.appcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoodsapp.appcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.aoltbsearch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.aoltbsearch.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.aoltoolband
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.aoltoolband.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.downloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.downloader.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.toolbarinfo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.toolbarinfo.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.toolbarparams
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.toolbarparams.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptbserver.aoltoolbarhelper
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptbserver.aoltoolbarhelper.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\icqtoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\winamp toolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2233703
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486B-A045-B233BD0DA8FC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ECDEE021-0D17-467F-A1FF-C7A115230949}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{64182481-4F71-486b-A045-B233BD0DA8FC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\askbardis"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\askbardis"



~~~ FireFox

Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\fcmdsrch.xml"
Successfully deleted: [File] C:\Users\David\AppData\Roaming\mozilla\firefox\profiles\3n5xyjcl.default\user.js
Successfully deleted the following from C:\Users\David\AppData\Roaming\mozilla\firefox\profiles\3n5xyjcl.default\prefs.js

user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q=");
user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=");
Emptied folder: C:\Users\David\AppData\Roaming\mozilla\firefox\profiles\3n5xyjcl.default\minidumps [47 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 16.11.2013 at 22:27:42,79
End of JRT log

# AdwCleaner v3.012 - Report created 16/11/2013 at 22:33:11
# Updated 11/11/2013 by Xplode
# Operating System : Windows Vista (TM) Ultimate Service Pack 1 (32 bits)
# Username : David - DAVID-PC
# Running from : C:\Users\David\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
Folder Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\ICQToolbarData
Folder Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\ICQToolbarData
Folder Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\SweetIMToolbarData
Folder Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\WinampToolbarData
Folder Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\CT2233703
Folder Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\ICQToolbarData
Folder Deleted : C:\Users\virus\AppData\Roaming\Mozilla\Firefox\Profiles\f2wdeegz.default\ICQToolbarData
Folder Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{0B38152B-1B20-484D-A11F-5E04A9B0661F}
Folder Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
Folder Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
Folder Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\ffxtlbr@Facemoods.com
Folder Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}
File Deleted : C:\Program Files\Mozilla Firefox\Extensions\DTToolbar@toolbarnet.com
File Deleted : C:\Windows\system32\Utils.dll
File Deleted : C:\Program Files\Mozilla Firefox\Components\AskSearch.js
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\Ask.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\Conduit.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrch.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin.gif
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\icqplugin.gif
File Deleted : C:\Users\virus\AppData\Roaming\Mozilla\Firefox\Profiles\f2wdeegz.default\searchplugins\icqplugin.gif
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin.src
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\icqplugin.src
File Deleted : C:\Users\virus\AppData\Roaming\Mozilla\Firefox\Profiles\f2wdeegz.default\searchplugins\icqplugin.src
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-11.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\icqplugin-11.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-12.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\icqplugin-12.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-13.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\icqplugin-13.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-14.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\icqplugin-14.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-15.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\icqplugin-15.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins\SweetIm.xml
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{622FD888-4E91-4D68-84D4-7262FD0811BF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{929801A8-4AEF-4D12-BE31-D85BF666452B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5B99E41-E157-4209-8AAC-DB003A816079}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AD20D01C-C939-4DD2-8C55-56935A48987E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E95EAD3F-18C6-4304-9DC6-BD6FD8E11D37}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D581C2FC-2EF5-4253-8533-8A9F279863C3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97CD5ED8-4C32-4A77-BEA2-BBD732B03F2A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ECDEE021-0D17-467F-A1FF-C7A115230949}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ECDEE021-0D17-467F-A1FF-C7A115230949}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7C5C0F58-E061-457D-9033-77307F5ED00C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{97CD5ED8-4C32-4A77-BEA2-BBD732B03F2A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{ECDEE021-0D17-467F-A1FF-C7A115230949}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{ECDEE021-0D17-467F-A1FF-C7A115230949}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7C5C0F58-E061-457D-9033-77307F5ED00C}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{ECDEE021-0D17-467F-A1FF-C7A115230949}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7C5C0F58-E061-457D-9033-77307F5ED00C}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{ECDEE021-0D17-467F-A1FF-C7A115230949}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7C5C0F58-E061-457D-9033-77307F5ED00C}]
Key Deleted : HKCU\Software\facemoods.com
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\ICQToolbar
Key Deleted : HKCU\Software\free-downloads.net
Key Deleted : HKCU\Software\AppDataLow\Software\4shared.com
Key Deleted : HKCU\Software\AppDataLow\Software\free-downloads.net
Key Deleted : HKCU\Software\AppDataLow\Software\TorrentMan
Key Deleted : HKLM\Software\facemoods.com
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\4shared.com
Key Deleted : HKLM\Software\free-downloads.net
Key Deleted : HKLM\Software\TorrentMan
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\4shared.com Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\free-downloads.net Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\facemoods
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\4shared.com Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\free-downloads.net Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\TorrentMan Toolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6001.18000

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Prev Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]

-\\ Mozilla Firefox v25.0.1 (cs)

[ File : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\prefs.js ]

Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", false);
Line Deleted : user_pref("icqtoolbar.firstTbRun", false);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1384608457);
Line Deleted : user_pref("icqtoolbar.history", "zelezarstvi%20kromeriz%2C%20zahradnicka%20technika%2C%20zelezarske%20zbozi%2C%20srouby%2C%20hrebiky%2C%20spojovaci%20material||nabidky%20prace%20kromeriz%2C%20nejnovej[...]
Line Deleted : user_pref("icqtoolbar.hpChange", true);
Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
Line Deleted : user_pref("icqtoolbar.installTime", "1343336311");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Line Deleted : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "25.0.1");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "130530429913053043091305303944963");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1384556911);
Line Deleted : user_pref("icqtoolbar.userHpApproved", true);
Line Deleted : user_pref("icqtoolbar.version", "1.5.3");
Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Line Deleted : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");

[ File : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\prefs.js ]

Line Deleted : user_pref("CT2233703.CTID", "CT2233703");
Line Deleted : user_pref("CT2233703.CommunitiesChangesLastCheckTime", "Mon Jan 25 2010 20:44:54 GMT+0100");
Line Deleted : user_pref("CT2233703.CommunityChanged", true);
Line Deleted : user_pref("CT2233703.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2233703.EMailNotifierPollDate", "Mon Jan 25 2010 20:44:57 GMT+0100");
Line Deleted : user_pref("CT2233703.FirstTime", true);
Line Deleted : user_pref("CT2233703.FirstTimeFF3", true);
Line Deleted : user_pref("CT2233703.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2233703.GroupingLastCheckTime", "Mon Jan 25 2010 20:44:55 GMT+0100");
Line Deleted : user_pref("CT2233703.GroupingLastErrorCode", "");
Line Deleted : user_pref("CT2233703.GroupingLastResponse", true);
Line Deleted : user_pref("CT2233703.GroupingLastServerUpdateTime", "129088212683700000");
Line Deleted : user_pref("CT2233703.Initialize", true);
Line Deleted : user_pref("CT2233703.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2233703.InstalledDate", "Mon Jan 25 2010 20:44:54 GMT+0100");
Line Deleted : user_pref("CT2233703.InvalidateCache", false);
Line Deleted : user_pref("CT2233703.IsGrouping", true);
Line Deleted : user_pref("CT2233703.IsMulticommunity", false);
Line Deleted : user_pref("CT2233703.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT2233703.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT2233703.LanguagePackLastCheckTime", "Mon Jan 25 2010 20:44:56 GMT+0100");
Line Deleted : user_pref("CT2233703.Locale", "en");
Line Deleted : user_pref("CT2233703.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2233703.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2233703.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2233703.RadioIsPodcast", false);
Line Deleted : user_pref("CT2233703.RadioLastCheckTime", "Mon Jan 25 2010 20:44:56 GMT+0100");
Line Deleted : user_pref("CT2233703.RadioLastUpdateIPServer", "0");
Line Deleted : user_pref("CT2233703.RadioLastUpdateServer", "128929877726170000");
Line Deleted : user_pref("CT2233703.RadioMediaID", "11027882");
Line Deleted : user_pref("CT2233703.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT2233703.RadioMenuSelectedID", "EBRadioMenu_CT223370311027882");
Line Deleted : user_pref("CT2233703.RadioStationName", "DANCE%20radio");
Line Deleted : user_pref("CT2233703.RadioStationURL", "hxxp://www.abradio.cz/asx/danceradio32.asx");
Line Deleted : user_pref("CT2233703.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT2233703.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2233703&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2233703.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2233703.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=2&q=");
Line Deleted : user_pref("CT2233703.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT2233703.SettingsLastCheckTime", "Mon Jan 25 2010 20:44:53 GMT+0100");
Line Deleted : user_pref("CT2233703.SettingsLastUpdate", "1264340468");
Line Deleted : user_pref("CT2233703.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2233703.ThirdPartyComponentsLastCheck", "Mon Jan 25 2010 20:44:53 GMT+0100");
Line Deleted : user_pref("CT2233703.ThirdPartyComponentsLastUpdate", "1264340468");
Line Deleted : user_pref("CT2233703.WeatherNetwork", "");
Line Deleted : user_pref("CT2233703.WeatherPollDate", "Mon Jan 25 2010 20:44:55 GMT+0100");
Line Deleted : user_pref("CT2233703.WeatherUnit", "C");
Line Deleted : user_pref("CT2233703.backendstorage.hxxp://conduit-fb-toolbar_conduit_com/fbtoolbar.firsttime", "74727565");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2233703");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2233703");
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2233703");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "4shared Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.sweetim.com/search.asp?src=2&q=");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.icq.com/");
Line Deleted : user_pref("extensions.snipit.askTbInstalled", true);
Line Deleted : user_pref("extensions.snipit.chromeURL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101699&gct=&gc=1&q={searchTerms}&crm=1");
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", false);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1286087926);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Deleted : user_pref("icqtoolbar.history", "britney%20spears%20ass||britney%20sparas%20ass||rose%20mcgowan%20ass||rose%20mcgowan||rose%20mcgovan||holly%20marie%20combs%20ass||holly%20marie%20combs||alyssa%20mila[...]
Line Deleted : user_pref("icqtoolbar.icqgeo", 0);
Line Deleted : user_pref("icqtoolbar.installTime", "1273403573");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "3.6.10");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "124794023612479408361248099346539");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "yes");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1286088377);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Deleted : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.2&q=");
Line Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Line Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "ICQ Search");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "ICQ Search");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://seznam.cz");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=2&q=");
Line Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Line Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Line Deleted : user_pref("sweetim.toolbar.simapp_id", "{27645DF0-4CA8-11DF-984C-0021855ABA5B}");
Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
Line Deleted : user_pref("sweetim.toolbar.version", "1.0.0.10");
Line Deleted : user_pref("winamp_toolbar.buttons.layout", "skins_btn_wa;plugins_btn_wa;media_btn_wa;shout_btn_wa;aim_go_away_default_btn;wa_aol_bg_5r;");
Line Deleted : user_pref("winamp_toolbar.firsttime.showwindow", false);
Line Deleted : user_pref("winamp_toolbar.install.lastTbVersion", "5.5.1.1");
Line Deleted : user_pref("winamp_toolbar.metrics.activestampdate", "3");
Line Deleted : user_pref("winamp_toolbar.metrics.activestampmonth", "9");
Line Deleted : user_pref("winamp_toolbar.metrics.activestampyear", "2010");
Line Deleted : user_pref("winamp_toolbar.metrics.originalDate", "11");
Line Deleted : user_pref("winamp_toolbar.metrics.originalHours", "11");
Line Deleted : user_pref("winamp_toolbar.metrics.originalMinutes", "36");
Line Deleted : user_pref("winamp_toolbar.metrics.originalMonth", "11");
Line Deleted : user_pref("winamp_toolbar.metrics.originalSeconds", "59");
Line Deleted : user_pref("winamp_toolbar.metrics.originalYear", "2008");
Line Deleted : user_pref("winamp_toolbar.search.populateoncomplete", false);
Line Deleted : user_pref("winamp_toolbar.search.searchtype", "web");
Line Deleted : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar");
Line Deleted : user_pref("winamp_toolbar.upgrade.showwindow", false);
Line Deleted : user_pref("winamp_toolbar.winamp.artist", "");
Line Deleted : user_pref("winamp_toolbar.winamp.title", "-999999");
Line Deleted : user_pref("winamp_toolbar.winamp.tracklength", "-999999");
Line Deleted : user_pref("winamp_toolbar.winamp.tracktime", "-999998");
Line Deleted : user_pref("winamp_toolbar.winamp.volume", "100");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.installsource", "1");

[ File : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.icq.com/");
Line Deleted : user_pref("extensions.foxcub.prev.KWD", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=");
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", false);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Deleted : user_pref("icqtoolbar.history", "dmu%20100%20p||dmu%20100%20p%20duoblock||publicinvasion%20sylva||V%C3%BDpo%C4%8Det%20posuvov%C3%A9%20rychlosti||rezna%20rychlost||Chloe%20Camilla||sylva%20ondrusikova|[...]
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "3.6.16");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "128609075412860908931286090924965");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "yes");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1301166560);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.installsource", "1");

[ File : C:\Users\virus\AppData\Roaming\Mozilla\Firefox\Profiles\f2wdeegz.default\prefs.js ]

Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", false);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Deleted : user_pref("icqtoolbar.history", "viry.cz");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "3.6.3");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "127271303312727130931272715559616");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1275743280);
Line Deleted : user_pref("icqtoolbar.version", "1.1.5");
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Deleted : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=");

-\\ Google Chrome v

[ File : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : search_url

*************************

AdwCleaner[R0].txt - [43098 octets] - [16/11/2013 22:30:12]
AdwCleaner[R1].txt - [42930 octets] - [16/11/2013 22:32:40]
AdwCleaner[S0].txt - [654 octets] - [16/11/2013 22:30:52]
AdwCleaner[S1].txt - [43563 octets] - [16/11/2013 22:33:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [43624 octets] ##########

Poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=30&t=133101

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-11-2013 01
Ran by David (administrator) on DAVID-PC on 17-11-2013 08:51:40
Running from C:\Users\David\Desktop
Microsoft® Windows Vista™ Ultimate Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Logitech Inc.) c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashServ.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
() C:\Windows\system32\PnkBstrA.exe
() C:\Windows\system32\PnkBstrB.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\SoftActivity\SKL\alsvc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\REVOLTEC\FightBoard Advanced 1.00\FightBoard.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashDisp.exe
() C:\Program Files\Winamp\winampa.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
() C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Crawler.com) C:\Program Files\Spyware Terminator\Spywareterminatorshield.Exe
(RealNetworks, Inc.) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
(Crawler.com) C:\Program Files\Spyware Terminator\SpywareTerminator.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\daemon.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Nokia) C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Logitech Inc.) C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
(Nokia.) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Skype Technologies) C:\Program Files\Skype\Plugin Manager\skypePM.exe
(forum.viry.cz) C:\Users\David\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\system32\cmd.exe
(Microsoft Corporation) C:\Windows\system32\PING.EXE

Log neni cely, takze poprosim o novy log z RSIT

Logfile of random's system information tool 1.09 (written by random/random)
Run by David at 2013-11-17 09:04:19
Microsoft® Windows Vista™ Ultimate Service Pack 1
System drive C: has 57 GB (12%) free of 477 GB
Total RAM: 3070 MB (58% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-493184601-2494964019-3008129617-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-493184601-2494964019-3008129617-1000UA.job
C:\Windows\tasks\User_Feed_Synchronization-{AD178CE2-18A5-4B81-9E5B-050DC52D39CE}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "DTToolbar@toolbarnet.com:1.0.0.5, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Program Files\Real\RealPlayer\browserrecord
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

C:\Program Files\Mozilla Firefox\extensions\
{AB2CE124-6272-4b12-94A9-7303C7397BD1}

C:\Program Files\Mozilla Firefox\components\
nppl3260.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeploytk.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\
icq-search.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-30.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2010-05-22 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-22 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-04-05 1008184]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-06-25 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-06-25 92704]
"DelReg"=C:\Program Files\MSI\DualCoreCenter\DelReg.exe [2008-05-13 196608]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-02-13 4915200]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"36X Raid Configurer"=C:\Windows\system32\xRaidSetup.exe [2007-11-19 1970176]
"FightBoard"=C:\Program Files\REVOLTEC\FightBoard Advanced 1.00\FightBoard.exe [2006-11-27 2441216]
"NeroCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-22 149280]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-02-08 488984]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam10\QuickCam10.exe [2007-02-08 774168]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-01-21 92168]
"SpywareTerminator"=C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe [2010-05-15 1722880]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-05-22 198160]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2009-12-19 500208]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-04-05 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-12-22 306088]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-04-05 125952]
"Google Update"=C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-19 135664]
"4shared Desktop"=C:\Program Files\4shared Desktop\desktop.exe [2009-12-07 3632640]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2013-07-02 248208]
"ICQ"=~C:\Program Files\ICQ6\ICQ.exe silent []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-04-20 26192680]
"Clownfish"=C:\Program Files\Clownfish\Clownfish.exe [2011-10-10 936448]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
DualCoreCenter.lnk - C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.I420"=lvcodec2.dll
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"vidc.tscc"=tsccvid.dll
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"VIDC.DIVX"=DivX.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=AC3ACM.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.FMVC"=fmcodec.dll

======List of files/folders created in the last 1 month======

2013-11-17 08:51:02 ----D---- C:\FRST
2013-11-16 22:30:10 ----D---- C:\AdwCleaner
2013-11-16 21:42:13 ----D---- C:\Windows\ERUNT
2013-11-15 19:16:50 ----D---- C:\Program Files\Mozilla Firefox
2013-11-01 16:37:41 ----D---- C:\Program Files\Microsoft Synchronization Services
2013-11-01 16:37:37 ----D---- C:\Program Files\Common Files\DESIGNER
2013-11-01 16:36:43 ----D---- C:\Windows\PCHEALTH
2013-11-01 16:36:43 ----D---- C:\Program Files\Microsoft.NET
2013-11-01 16:36:43 ----D---- C:\Program Files\Microsoft Sync Framework
2013-11-01 16:36:43 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2013-11-01 16:35:00 ----D---- C:\Program Files\Microsoft Visual Studio 8
2013-11-01 16:32:47 ----D---- C:\Program Files\Microsoft Analysis Services
2013-11-01 16:31:40 ----D---- C:\ProgramData\Microsoft Help
2013-11-01 16:31:24 ----RHD---- C:\MSOCache

======List of files/folders modified in the last 1 month======

2013-11-17 09:04:20 ----D---- C:\Program Files\trend micro
2013-11-17 09:04:17 ----D---- C:\Windows\temp
2013-11-17 09:04:17 ----D---- C:\Windows\Prefetch
2013-11-17 08:51:17 ----D---- C:\Users\David\AppData\Roaming\Skype
2013-11-17 08:51:08 ----D---- C:\Windows
2013-11-17 08:50:43 ----D---- C:\Users\David\AppData\Roaming\skypePM
2013-11-17 08:48:28 ----D---- C:\Users\David\AppData\Roaming\4shared Desktop
2013-11-16 22:40:18 ----D---- C:\Program Files\JDownloader2
2013-11-16 22:33:15 ----D---- C:\Windows\System32
2013-11-16 22:30:59 ----RD---- C:\Program Files
2013-11-16 22:30:54 ----D---- C:\ProgramData\ICQ
2013-11-16 21:55:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-16 21:55:18 ----D---- C:\Windows\inf
2013-11-16 21:46:49 ----D---- C:\ProgramData
2013-11-16 21:46:10 ----D---- C:\Windows\system32\Tasks
2013-11-16 21:44:08 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-11-16 21:42:23 ----D---- C:\Windows\Tasks
2013-11-16 16:51:49 ----D---- C:\Windows\system32\catroot2
2013-11-16 16:51:47 ----SHD---- C:\System Volume Information
2013-11-09 09:50:13 ----D---- C:\Users\David\AppData\Roaming\Media Player Classic
2013-11-09 09:22:19 ----D---- C:\Users\David\AppData\Roaming\Winamp
2013-11-01 17:43:54 ----D---- C:\Windows\Microsoft.NET
2013-11-01 17:43:53 ----RSD---- C:\Windows\assembly
2013-11-01 16:48:40 ----SD---- C:\Users\David\AppData\Roaming\Microsoft
2013-11-01 16:43:11 ----SHD---- C:\Windows\Installer
2013-11-01 16:41:37 ----D---- C:\Windows\winsxs
2013-11-01 16:39:45 ----RSD---- C:\Windows\Fonts
2013-11-01 16:39:28 ----D---- C:\Windows\ShellNew
2013-11-01 16:39:24 ----D---- C:\Program Files\Common Files\microsoft shared
2013-11-01 16:39:05 ----D---- C:\Program Files\MSBuild
2013-11-01 16:37:37 ----D---- C:\Program Files\Common Files
2013-11-01 16:36:45 ----D---- C:\Program Files\Microsoft Office
2013-11-01 16:36:43 ----SD---- C:\ProgramData\Microsoft
2013-11-01 16:33:51 ----A---- C:\Windows\win.ini
2013-11-01 16:33:43 ----D---- C:\Program Files\Common Files\System
2013-11-01 15:30:14 ----D---- C:\Program Files\MSECache
2013-10-25 12:02:52 ----D---- C:\Windows\Logs
2013-10-24 12:03:51 ----D---- C:\Windows\system32\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys [2008-04-05 145464]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2007-11-26 72704]
R0 pe3anrqc;UAZ Racing 4x4 Environment Driver (pe3anrqc); C:\Windows\system32\drivers\pe3anrqc.sys [2007-11-09 65152]
R0 ps7anrqc;UAZ Racing 4x4 Synchronization Driver (ps7anrqc); C:\Windows\system32\drivers\ps7anrqc.sys [2007-11-09 68744]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-11-29 717296]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-07-19 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\ProgramData\Spyware Terminator\sp_rsdrv2.sys [2010-05-15 133120]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 185472]
R2 Aspi32;Aspi32; C:\Windows\System32\drivers\aspi32.sys [2009-10-11 16512]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-10-12 281760]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-10-12 25888]
R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2007-04-17 11032]
R2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [2006-12-21 90688]
R2 SentinelFilter;SentinelFilter; \??\C:\Program Files\JDownloader\downloads\SURFCAM\SURFCAM\crack\SENTINELFILTER.SYS [2006-11-10 256256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-02-14 2061528]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2007-02-06 25632]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-06-25 7468544]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-02-14 118784]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2009-01-13 19336]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2009-01-13 49160]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-04-05 83328]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
S0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-08-24 66560]
S3 aa1rjml0;aa1rjml0; C:\Windows\system32\drivers\aa1rjml0.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-04-05 5632]
S3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys [2008-02-27 28160]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2007-02-06 1691808]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-02-06 1964064]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-02-03 41504]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2010-04-29 38224]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-04-05 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-04-05 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-04-05 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-04-05 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2007-02-03 490784]
S3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files\MSI\DualCoreCenter\RushTop.sys [2008-05-15 56320]
S3 SAgentDriver;SAgent Driver; \??\C:\Program Files\SoftActivity\SKL\sagendrv.sys [2009-01-07 31088]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP1\WNt500x86\Sandra.sys [2008-10-31 22432]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 systormflb;REVOLTEC FightBoard Advanced; C:\Windows\system32\DRIVERS\systormflb.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-04-05 15872]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2008-04-05 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2009-01-13 29192]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2009-01-13 31240]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2009-01-13 14728]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-04-05 39936]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-04-05 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-04-05 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
R2 LVPrcSrv;Process Monitor; c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe [2007-02-06 109344]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-06-25 118784]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-12-06 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2012-09-15 107832]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 Salsvc;Salsvc; C:\Program Files\SoftActivity\SKL\alsvc.exe [2009-02-17 38768]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2013-07-02 93072]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-02-06 105248]
S2 pr2anrqc;UAZ Racing 4x4 Drivers Auto Removal (pr2anrqc); C:\Windows\system32\pr2anrqc.exe [2007-11-09 411008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-27 34312]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-15 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP1\RpcAgentSrv.exe [2008-11-03 98488]

-----------------EOF-----------------

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

OTL logfile created on: 18.11.2013 8:58:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\David\Desktop
Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 44,94% Memory free
6,21 Gb Paging File | 4,51 Gb Available in Paging File | 72,69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 92,31 Gb Free Space | 19,82% Space Free | Partition Type: NTFS
Drive E: | 29,91 Gb Total Space | 0,95 Gb Free Space | 3,18% Space Free | Partition Type: FAT32

Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.11.18 08:56:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
PRC - [2013.11.15 19:16:56 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.10.09 15:35:20 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
PRC - [2013.07.02 10:19:30 | 000,248,208 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2013.07.02 10:19:30 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010.05.22 12:32:58 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010.05.15 15:03:45 | 001,722,880 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\Spywareterminatorshield.Exe
PRC - [2010.01.15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009.08.22 16:22:13 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\javaw.exe
PRC - [2009.06.25 14:12:42 | 001,414,144 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009.06.02 09:10:08 | 000,637,952 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009.05.28 12:45:00 | 000,132,096 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009.03.30 09:11:14 | 000,120,320 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009.02.17 14:35:14 | 000,038,768 | ---- | M] () -- C:\Program Files\SoftActivity\SKL\alsvc.exe
PRC - [2009.01.21 14:19:54 | 000,092,168 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Gaming Software\LWEMon.exe
PRC - [2008.08.04 00:02:20 | 000,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2008.07.24 16:02:06 | 000,490,952 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2008.07.23 16:25:45 | 000,348,344 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2008.07.19 16:38:34 | 000,078,008 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2008.07.19 16:38:28 | 000,147,640 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2008.07.19 16:38:04 | 000,250,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2008.07.19 16:25:06 | 000,016,056 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008.04.05 18:14:48 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.04.05 18:14:22 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.04.05 18:12:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008.02.13 06:52:10 | 004,915,200 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.02.08 01:13:48 | 000,774,168 | ---- | M] () -- C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
PRC - [2007.02.08 01:12:48 | 000,488,984 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2007.02.08 01:12:20 | 000,230,936 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2007.02.06 17:45:26 | 000,109,344 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2007.02.06 17:43:26 | 000,252,704 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
PRC - [2006.11.27 00:26:42 | 002,441,216 | ---- | M] () -- C:\Program Files\REVOLTEC\FightBoard Advanced 1.00\FightBoard.exe
PRC - [2006.10.31 06:10:10 | 006,506,608 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminator.exe
PRC - [2001.10.17 01:04:44 | 000,351,232 | R--- | M] () -- C:\Users\David\Desktop\SALAMAND.EXE


========== Modules (No Company Name) ==========

MOD - [2013.11.15 19:16:56 | 003,363,952 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.10.09 15:35:20 | 016,233,864 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_117.dll
MOD - [2010.05.22 12:33:07 | 000,008,704 | ---- | M] () -- C:\Program Files\Real\RealPlayer\rpchromebrowserrecordhelper.dll
MOD - [2010.01.30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009.07.13 20:27:40 | 000,128,512 | ---- | M] () -- C:\Program Files\4shared Desktop\CMenu.dll
MOD - [2008.10.11 22:18:46 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.08.12 10:16:16 | 002,023,424 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2008.08.04 00:02:20 | 000,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
MOD - [2008.07.29 13:47:56 | 000,016,384 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2008.07.29 13:47:38 | 000,135,168 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2008.07.29 13:11:18 | 000,253,952 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2008.07.29 13:01:12 | 007,331,840 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2008.07.29 12:50:26 | 000,364,544 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2008.07.24 16:01:38 | 000,086,016 | ---- | M] () -- C:\Program Files\DAEMON Tools Lite\Lang\CSY.dll
MOD - [2008.07.24 16:01:38 | 000,081,920 | ---- | M] () -- C:\Program Files\DAEMON Tools Lite\Lang\ENU.dll
MOD - [2007.02.08 01:18:18 | 001,119,768 | ---- | M] () -- C:\Program Files\Logitech\QuickCam10\LAppRes.DLL
MOD - [2007.02.08 01:13:48 | 000,774,168 | ---- | M] () -- C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
MOD - [2007.02.08 01:13:00 | 000,022,040 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LCMServerPS.dll
MOD - [2006.11.27 00:26:42 | 002,441,216 | ---- | M] () -- C:\Program Files\REVOLTEC\FightBoard Advanced 1.00\FightBoard.exe
MOD - [2001.10.17 01:04:44 | 000,351,232 | R--- | M] () -- C:\Users\David\Desktop\SALAMAND.EXE


========== Services (SafeList) ==========

SRV - [2013.11.15 19:16:56 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.10.09 15:35:21 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.07.02 10:19:30 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010.03.25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009.06.02 09:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.02.17 14:35:14 | 000,038,768 | ---- | M] () [Auto | Running] -- C:\Program Files\SoftActivity\SKL\alsvc.exe -- (Salsvc)
SRV - [2008.11.03 16:15:34 | 000,098,488 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP1\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2008.07.23 16:25:45 | 000,348,344 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2008.07.19 16:38:28 | 000,147,640 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2008.07.19 16:38:04 | 000,250,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2008.07.19 16:25:06 | 000,016,056 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008.04.05 18:12:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.11.09 14:08:04 | 000,411,008 | ---- | M] (Cenega Publishing) [Auto | Stopped] -- C:\Windows\System32\pr2anrqc.exe -- (pr2anrqc)
SRV - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.02.06 17:47:12 | 000,105,248 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007.02.06 17:45:26 | 000,109,344 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\systormflb.sys -- (systormflb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aa1rjml0)
DRV - [2010.05.15 15:03:45 | 000,133,120 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Spyware Terminator\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010.04.29 14:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010.02.24 11:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2009.10.12 17:28:50 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.10.12 17:28:50 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.10.11 14:58:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2009.03.19 13:48:18 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009.03.19 13:48:12 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009.02.09 07:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.02.09 07:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.02.09 07:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.02.09 07:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.01.13 19:13:52 | 000,049,160 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2009.01.13 19:13:44 | 000,014,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2009.01.13 19:13:36 | 000,031,240 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2009.01.13 19:13:28 | 000,029,192 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009.01.13 19:13:20 | 000,019,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2009.01.07 09:56:50 | 000,031,088 | ---- | M] (SoftActivity) [Kernel | On_Demand | Stopped] -- C:\Program Files\SoftActivity\SKL\sagendrv.sys -- (SAgentDriver)
DRV - [2008.11.29 08:45:24 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2008.10.31 16:28:26 | 000,022,432 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP1\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.19 16:37:42 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008.07.19 16:36:03 | 000,051,280 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2008.07.19 16:35:18 | 000,078,416 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2008.07.19 16:33:42 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008.07.19 16:32:36 | 000,042,912 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2008.06.25 05:57:00 | 007,468,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.05.15 09:55:22 | 000,056,320 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\DualCoreCenter\RushTop.sys -- (RushTopDevice2)
DRV - [2008.02.27 08:08:04 | 000,028,160 | ---- | M] (MICRO-STAR INT'L CO., LTD.) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys -- (DualCoreCenter)
DRV - [2008.02.14 07:56:02 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007.11.26 04:16:50 | 000,072,704 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV - [2007.11.09 14:07:39 | 000,065,152 | ---- | M] (Cenega Publishing) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pe3anrqc.sys -- (pe3anrqc)
DRV - [2007.11.09 14:07:03 | 000,068,744 | ---- | M] (Cenega Publishing) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ps7anrqc.sys -- (ps7anrqc)
DRV - [2007.04.17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007.02.06 17:45:04 | 000,025,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007.02.06 17:44:36 | 001,964,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007.02.06 17:42:40 | 001,691,808 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2007.02.03 19:32:34 | 000,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007.02.03 19:27:55 | 000,490,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928)
DRV - [2006.12.21 07:30:02 | 000,090,688 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\sentinel.sys -- (Sentinel)
DRV - [2006.11.10 11:30:10 | 000,256,256 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\JDownloader\downloads\SURFCAM\SURFCAM\crack\SentinelFilter.sys -- (SentinelFilter)
DRV - [2006.07.24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2005.08.30 17:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2005.08.30 17:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2005.08.30 17:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2005.08.24 14:55:48 | 000,066,560 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02)
DRV - [2005.08.10 15:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02)
DRV - [2005.08.10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005.05.16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-493184601-2494964019-3008129617-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://www.google.com
IE - HKU\S-1-5-21-493184601-2494964019-3008129617-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-493184601-2494964019-3008129617-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-493184601-2494964019-3008129617-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-493184601-2494964019-3008129617-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-493184601-2494964019-3008129617-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-493184601-2494964019-3008129617-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-493184601-2494964019-3008129617-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKU\S-1-5-21-493184601-2494964019-3008129617-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-493184601-2494964019-3008129617-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-493184601-2494964019-3008129617-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.15
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.0.5
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\David\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\David\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\David\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2010.05.22 12:33:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.06.23 16:45:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.11.16 22:33:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.11.15 19:16:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.11.16 22:33:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.11.15 19:16:53 | 000,000,000 | ---D | M]

[2010.12.10 11:22:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Extensions
[2010.12.10 11:22:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2013.11.16 22:33:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\extensions
[2013.03.31 09:48:37 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013.11.16 22:33:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\extensions
[2010.09.04 15:47:14 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2013.11.16 22:33:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\extensions
[2011.03.27 06:34:43 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.05.13 17:13:14 | 000,002,342 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icq-search.xml
[2012.08.29 18:32:20 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-16.xml
[2012.09.09 08:17:41 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-17.xml
[2012.10.12 21:38:51 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-18.xml
[2012.10.28 21:52:12 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-19.xml
[2012.12.04 15:12:03 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-20.xml
[2013.01.11 20:45:05 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-21.xml
[2013.01.21 15:43:27 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-22.xml
[2013.02.11 17:41:26 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-23.xml
[2013.02.25 11:53:11 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-24.xml
[2013.03.13 17:05:11 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-25.xml
[2013.04.05 06:05:43 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-26.xml
[2013.04.11 21:43:01 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-27.xml
[2013.06.26 07:47:53 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-28.xml
[2013.08.10 10:44:39 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-29.xml
[2013.08.18 11:49:10 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-30.xml
[2013.11.16 22:33:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.11.15 19:16:52 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2013.11.15 19:16:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.11.15 19:16:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.11.15 19:16:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2013.11.15 19:16:51 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com

O1 HOSTS File: ([2010.05.01 12:50:46 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [36X Raid Configurer] C:\Windows\System32\xRaidSetup.exe (JMicron Technology Corp.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DelReg] C:\Program Files\MSI\DualCoreCenter\DelReg.exe ()
O4 - HKLM..\Run: [FightBoard] C:\Program Files\REVOLTEC\FightBoard Advanced 1.00\FightBoard.exe ()
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()
O4 - HKLM..\Run: [NeroCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\Spywareterminatorshield.Exe (Crawler.com)
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\Default User..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-493184601-2494964019-3008129617-1000..\Run: [4shared Desktop] C:\Program Files\4shared Desktop\desktop.exe (New IT Solutions)
O4 - HKU\S-1-5-21-493184601-2494964019-3008129617-1000..\Run: [Clownfish] C:\Program Files\Clownfish\Clownfish.exe ()
O4 - HKU\S-1-5-21-493184601-2494964019-3008129617-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-493184601-2494964019-3008129617-1000..\Run: [ICQ] C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O4 - HKU\S-1-5-21-493184601-2494964019-3008129617-1000..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-493184601-2494964019-3008129617-1000..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKU\S-1-5-21-493184601-2494964019-3008129617-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-21-493184601-2494964019-3008129617-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\S-1-5-21-493184601-2494964019-3008129617-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 109.164.64.64
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38B166C0-E637-4FE1-BD85-18BF26C4A103}: DhcpNameServer = 8.8.8.8 109.164.64.64
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A840AA6-86F2-4ABB-94C7-780A73F6A7AE}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
O24 - Desktop BackupWallPaper: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.06 08:04:13 | 000,000,272 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8082172b-bdeb-11dd-8947-0021855aba5b}\Shell - "" = AutoRun
O33 - MountPoints2\{8082172b-bdeb-11dd-8947-0021855aba5b}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{8082172b-bdeb-11dd-8947-0021855aba5b}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{8082172b-bdeb-11dd-8947-0021855aba5b}\Shell\install\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{b9843e98-1416-11e1-9ac9-0021855aba5b}\Shell - "" = AutoRun
O33 - MountPoints2\{b9843e98-1416-11e1-9ac9-0021855aba5b}\Shell\AutoRun\command - "" = E:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\Windows\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.scg726 - C:\Windows\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.voxacm160 - C:\Windows\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.)
Drivers32: vidc.dvsd - C:\Windows\System32\mcdvd_32.dll (MainConcept)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.I420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.11.18 08:56:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2013.11.17 08:51:02 | 000,000,000 | ---D | C] -- C:\FRST
[2013.11.17 08:42:32 | 000,112,128 | ---- | C] (forum.viry.cz) -- C:\Users\David\Desktop\FRSTLauncher.exe
[2013.11.17 08:42:11 | 001,091,023 | ---- | C] (Farbar) -- C:\Users\David\Desktop\FRST.exe
[2013.11.17 08:40:56 | 000,112,107 | ---- | C] (forum.viry.cz) -- C:\Users\David\Desktop\VerzeOS.exe
[2013.11.16 22:30:10 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.11.16 21:42:13 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.11.16 21:41:54 | 001,034,531 | ---- | C] (Thisisu) -- C:\Users\David\Desktop\JRT.exe
[2013.11.15 19:16:50 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010.03.06 08:05:07 | 003,200,960 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\vcredist_x64.exe
[2010.03.06 08:05:06 | 002,723,264 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\vcredist_x86.exe
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.11.18 09:01:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.11.18 08:56:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2013.11.18 08:47:25 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.11.18 08:47:25 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.11.18 08:35:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.11.18 08:09:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-493184601-2494964019-3008129617-1000UA.job
[2013.11.18 02:48:26 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{AD178CE2-18A5-4B81-9E5B-050DC52D39CE}.job
[2013.11.17 21:28:18 | 000,635,814 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.11.17 21:28:18 | 000,625,384 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.11.17 21:28:18 | 000,134,604 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.11.17 21:28:18 | 000,116,946 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.11.17 16:09:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-493184601-2494964019-3008129617-1000Core.job
[2013.11.17 08:47:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.11.17 08:47:21 | 3220,365,312 | -HS- | M] () -- C:\hiberfil.sys
[2013.11.17 08:42:33 | 000,112,128 | ---- | M] (forum.viry.cz) -- C:\Users\David\Desktop\FRSTLauncher.exe
[2013.11.17 08:42:16 | 001,091,023 | ---- | M] (Farbar) -- C:\Users\David\Desktop\FRST.exe
[2013.11.17 08:40:58 | 000,112,107 | ---- | M] (forum.viry.cz) -- C:\Users\David\Desktop\VerzeOS.exe
[2013.11.16 22:29:20 | 001,085,542 | ---- | M] () -- C:\Users\David\Desktop\adwcleaner.exe
[2013.11.16 21:41:55 | 001,034,531 | ---- | M] (Thisisu) -- C:\Users\David\Desktop\JRT.exe
[2013.11.16 17:56:05 | 000,781,383 | ---- | M] () -- C:\Users\David\Desktop\RSIT.exe
[2013.11.16 09:36:16 | 000,020,321 | ---- | M] () -- C:\Users\David\Desktop\agents-of-shield-S01E07-hdtv-By-alexka-aaaja-pandan(1).zip
[2013.11.12 08:29:39 | 000,042,496 | ---- | M] () -- C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.11.18 09:01:57 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.11.16 22:29:19 | 001,085,542 | ---- | C] () -- C:\Users\David\Desktop\adwcleaner.exe
[2013.11.16 17:56:04 | 000,781,383 | ---- | C] () -- C:\Users\David\Desktop\RSIT.exe
[2013.11.16 09:36:15 | 000,020,321 | ---- | C] () -- C:\Users\David\Desktop\agents-of-shield-S01E07-hdtv-By-alexka-aaaja-pandan(1).zip
[2013.10.17 20:56:46 | 000,216,064 | ---- | C] () -- C:\Windows\System32\gcapi_dll.dll
[2011.12.01 12:34:54 | 000,000,067 | ---- | C] () -- C:\Windows\Easy Video to iPod MP4 PSP 3GP Converter.INI
[2011.11.22 17:25:53 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2010.06.23 17:44:30 | 000,005,114 | ---- | C] () -- C:\ProgramData\xqkcebzs.dik
[2010.05.19 10:35:59 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.05.19 10:35:59 | 000,000,088 | RHS- | C] () -- C:\ProgramData\B3FD813D8C.sys
[2010.04.23 15:03:33 | 000,000,000 | ---- | C] () -- C:\Users\David\AppData\Roaming\AVSMediaPlayer.m3u
[2009.01.24 19:16:13 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2008.12.18 15:13:08 | 000,042,496 | ---- | C] () -- C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.09 17:47:34 | 008,101,888 | ---- | C] () -- C:\ProgramData\sandra.mda
[2008.11.10 19:05:36 | 000,022,328 | ---- | C] () -- C:\Users\David\AppData\Roaming\PnkBstrK.sys
[2008.11.10 16:56:09 | 000,000,680 | ---- | C] () -- C:\Users\David\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2006.11.02 13:53:06 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2008.04.05 18:13:15 | 011,580,416 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008.04.05 18:14:48 | 000,614,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.05 18:13:50 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.11.17 08:48:28 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\4shared Desktop
[2010.05.22 12:00:25 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\AnvSoft
[2010.06.23 17:28:40 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Any Video Converter Professional
[2011.11.17 19:59:40 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Ashampoo
[2008.12.06 14:35:51 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Capcom
[2009.01.24 19:17:25 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ConvertTemp
[2008.11.29 09:11:32 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\DAEMON Tools
[2012.05.14 13:48:00 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\foobar2000
[2009.01.08 19:57:00 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Foxit
[2013.10.17 20:57:07 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Foxit Software
[2009.07.11 10:18:00 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FUEL
[2010.04.24 09:20:56 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\GetRightToGo
[2011.07.25 11:21:10 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\GSA Email Spider
[2011.07.26 07:52:01 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ICQ
[2009.01.17 17:42:43 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ICQLite
[2010.09.12 08:47:27 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ImgBurn
[2008.11.29 09:24:14 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Leadertech
[2010.04.24 09:31:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Leawo
[2011.11.22 17:29:39 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\MAGIX
[2010.07.07 19:10:26 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Nokia
[2008.12.31 10:20:09 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Off Road
[2010.10.03 08:12:37 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Opera
[2010.06.23 16:47:16 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\PC Suite
[2013.10.12 12:03:42 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ProtectDISC
[2013.10.17 20:02:45 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Rovio
[2009.01.24 19:17:24 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Samsung
[2009.01.04 11:19:56 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Sierra Entertainment
[2009.01.24 19:17:24 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Temporary
[2010.12.10 11:22:23 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\TomTom
[2009.01.24 19:17:24 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\TransRender
[2009.10.12 17:33:24 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Ubisoft
[2013.09.21 16:46:59 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Unity
[2012.09.01 09:25:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\wargaming.net
[2009.11.04 17:00:23 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\{2B07EC6C-69CF-48FA-B52A-6DE5D223A97F}
[2010.06.05 14:08:14 | 000,000,000 | ---D | M] -- C:\Users\virus\AppData\Roaming\ICQ
[2010.07.29 13:54:58 | 000,000,000 | ---D | M] -- C:\Users\virus\AppData\Roaming\PC Suite

========== Purity Check ==========



========== Custom Scans ==========

< >
[2006.11.02 14:00:25 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 14:00:25 | 000,032,532 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2008.11.10 17:12:32 | 000,000,418 | -H-- | C] () -- C:\Windows\Tasks\User_Feed_Synchronization-{AD178CE2-18A5-4B81-9E5B-050DC52D39CE}.job
[2009.12.19 17:28:21 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-493184601-2494964019-3008129617-1000Core.job
[2009.12.19 17:28:22 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-493184601-2494964019-3008129617-1000UA.job
[2013.10.02 07:41:25 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2008.04.05 18:10:40 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\ERDNT\cache\atapi.sys
[2008.04.05 18:10:40 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.04.05 18:10:40 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.04.05 18:10:40 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.05 18:15:36 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\System32\autochk.exe
[2008.04.05 18:15:36 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 10:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.05 18:10:45 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys
[2008.04.05 18:10:45 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.04.05 18:10:45 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2006.11.02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.04.05 18:14:48 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\ERDNT\cache\explorer.exe
[2008.04.05 18:14:48 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\explorer.exe
[2008.04.05 18:14:48 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.05 18:10:41 | 000,177,208 | ---- | M] (Microsoft Corporation) MD5=A00B0EDD048786E30EBB2DA65D9A8F74 -- C:\Windows\System32\hal.dll

< MD5 for: SCECLI.DLL >
[2008.04.05 18:15:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\ERDNT\cache\scecli.dll
[2008.04.05 18:15:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.04.05 18:15:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< MD5 for: SERVICES.EXE >
[2008.04.05 18:15:44 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\ERDNT\cache\services.exe
[2008.04.05 18:15:44 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\System32\services.exe
[2008.04.05 18:15:44 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2006.11.02 10:45:40 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=329CF3C97CE4C19375C8ABCABAE258B0 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe

< MD5 for: SVCHOST.EXE >
[2006.11.02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.04.05 18:13:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008.04.05 18:13:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.04.05 18:13:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\SoftwareDistribution\Download\e96ddab89324864a3f629877ea55d924\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2008.04.26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\SoftwareDistribution\Download\e96ddab89324864a3f629877ea55d924\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2006.11.02 09:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2008.04.05 18:16:28 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\ERDNT\cache\tcpip.sys
[2008.04.05 18:16:28 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\System32\drivers\tcpip.sys
[2008.04.05 18:16:28 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.05 18:15:45 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008.04.05 18:15:45 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.04.05 18:15:45 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.04.05 18:15:47 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\ERDNT\cache\winlogon.exe
[2008.04.05 18:15:47 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.04.05 18:15:47 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

color=#A23BEC]< >[/color]

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5d7f15f2b764c278a7ffd0d37add0d96\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5d7f15f2b764c278a7ffd0d37add0d96\*.tmp -> ]
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2010.05.12 19:51:12 | 000,327,680 | ---- | M] (www.need4video.com) -- C:\ToolbarWatcher.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.11.17 08:48:28 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\4shared Desktop
[2012.08.31 07:00:50 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Adobe
[2008.11.10 17:32:10 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Ahead
[2010.05.22 12:00:25 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\AnvSoft
[2010.06.23 17:28:40 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Any Video Converter Professional
[2011.11.17 19:59:40 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Ashampoo
[2008.12.06 14:35:51 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Capcom
[2009.01.24 19:17:25 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ConvertTemp
[2010.05.19 10:36:17 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Corel
[2008.11.29 09:11:32 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\DAEMON Tools
[2010.04.24 08:10:30 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\dvdcss
[2012.05.14 13:48:00 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\foobar2000
[2009.01.08 19:57:00 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Foxit
[2013.10.17 20:57:07 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Foxit Software
[2009.07.11 10:18:00 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FUEL
[2010.04.24 09:20:56 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\GetRightToGo
[2011.07.25 11:21:10 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\GSA Email Spider
[2011.07.26 07:52:01 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ICQ
[2009.01.17 17:42:43 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ICQLite
[2008.11.10 16:56:12 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Identities
[2010.09.12 08:47:27 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ImgBurn
[2008.11.10 17:05:48 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\InstallShield
[2008.11.29 09:24:14 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Leadertech
[2010.04.24 09:31:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Leawo
[2008.11.10 18:51:15 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Macromedia
[2011.11.22 17:29:39 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\MAGIX
[2010.05.03 17:48:28 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Malwarebytes
[2006.11.02 13:35:50 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Media Center Programs
[2013.11.09 09:50:13 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Media Player Classic
[2013.11.01 16:48:40 | 000,000,000 | --SD | M] -- C:\Users\David\AppData\Roaming\Microsoft
[2008.12.12 18:34:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Mozilla
[2010.07.07 19:10:26 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Nokia
[2008.12.31 10:20:09 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Off Road
[2010.10.03 08:12:37 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Opera
[2010.06.23 16:47:16 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\PC Suite
[2013.10.12 12:03:42 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ProtectDISC
[2012.03.14 12:21:52 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Real
[2013.10.17 20:02:45 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Rovio
[2009.01.24 19:17:24 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Samsung
[2008.12.03 14:56:16 | 000,000,000 | RH-D | M] -- C:\Users\David\AppData\Roaming\SecuROM
[2009.01.04 11:19:56 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Sierra Entertainment
[2013.11.18 09:18:40 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Skype
[2013.11.18 08:00:43 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\skypePM
[2009.01.24 19:17:24 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Temporary
[2008.12.10 04:34:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\THQ
[2010.12.10 11:22:23 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\TomTom
[2009.01.24 19:17:24 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\TransRender
[2009.10.12 17:33:24 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Ubisoft
[2013.09.21 16:46:59 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Unity
[2009.01.08 15:12:54 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\vlc
[2012.09.01 09:25:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\wargaming.net
[2013.11.09 09:22:19 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Winamp
[2008.11.10 18:40:09 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\WinRAR
[2009.11.04 17:00:23 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\{2B07EC6C-69CF-48FA-B52A-6DE5D223A97F}

< %APPDATA%\*.exe /s >
[2009.12.14 15:52:31 | 000,010,134 | R--- | M] () -- C:\Users\David\AppData\Roaming\Microsoft\Installer\{35725FBC-A136-4A46-9F29-091759D9BB93}\ARPPRODUCTICON.exe
[2008.12.31 10:27:25 | 000,010,134 | R--- | M] () -- C:\Users\David\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2009.12.14 15:52:50 | 000,010,134 | R--- | M] () -- C:\Users\David\AppData\Roaming\Microsoft\Installer\{BEF726DD-4037-4214-8C6A-E625C02D2870}\ARPPRODUCTICON.exe
[2013.10.17 08:57:14 | 000,049,152 | R--- | M] (InstallShield Software Corp.) -- C:\Users\David\AppData\Roaming\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe
[2009.11.04 17:00:43 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\David\AppData\Roaming\Microsoft\Installer\{D0071C79-4B13-4F51-9D6F-6DD271F2ED86}\ARPPRODUCTICON.exe
[2009.11.04 17:00:43 | 000,077,824 | R--- | M] (Acresso Software Inc.) -- C:\Users\David\AppData\Roaming\Microsoft\Installer\{D0071C79-4B13-4F51-9D6F-6DD271F2ED86}\windowsclock.exe1_5F9D7D20EC4A484EA86E80AC52072F62.exe
[2009.12.14 15:52:23 | 000,010,134 | R--- | M] () -- C:\Users\David\AppData\Roaming\Microsoft\Installer\{EA516024-D84D-41F1-814F-83175A6188F2}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2013.11.18 08:35:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.11.17 16:09:00 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-493184601-2494964019-3008129617-1000Core.job
[2013.11.18 09:09:00 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-493184601-2494964019-3008129617-1000UA.job
[2013.11.18 02:48:26 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{AD178CE2-18A5-4B81-9E5B-050DC52D39CE}.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.11.29 08:45:24 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.11.18 08:47:25 | 000,003,712 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.11.18 08:47:25 | 000,003,712 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.11.17 21:28:18 | 000,134,604 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2013.11.17 21:28:18 | 000,116,946 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2013.11.17 21:28:18 | 000,635,814 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2013.11.17 21:28:18 | 000,625,384 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2013.11.17 21:28:18 | 001,508,238 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2010.05.12 19:51:12 | 000,327,680 | ---- | M] (www.need4video.com) -- C:\ToolbarWatcher.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2008.04.05 18:12:23 | 001,233,920 | ---- | M] (Microsoft Corporation)
"WindowsWelcomeCenter" = rundll32.exe oobefldr.dll,ShowWelcomeCenter
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun -- [2008.07.24 16:02:06 | 000,490,952 | ---- | M] (DT Soft Ltd)
"RGSC" = C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent -- [2008.12.22 17:42:47 | 000,306,088 | ---- | M] (Take-Two Interactive Software, Inc.)
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.04.05 18:16:54 | 000,125,952 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2009.12.19 17:28:20 | 000,135,664 | ---- | M] (Google Inc.)
"4shared Desktop" = "C:\Program Files\4shared Desktop\desktop.exe" "startup" -- [2009.12.07 11:44:18 | 003,632,640 | ---- | M] (New IT Solutions)
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2009.06.25 14:12:42 | 001,414,144 | ---- | M] (Nokia)
"TomTomHOME.exe" = "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -- [2013.07.02 10:19:30 | 000,248,208 | ---- | M] (TomTom)
"ICQ" = ~"C:\Program Files\ICQ6\ICQ.exe" silent -- [2008.09.01 16:08:21 | 000,173,304 | ---- | M] (ICQ, Inc.)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2010.04.20 12:14:54 | 026,192,680 | R--- | M] (Skype Technologies S.A.)
"Clownfish" = "C:\Program Files\Clownfish\Clownfish.exe" -- [2011.10.10 08:39:00 | 000,936,448 | ---- | M] ()

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.11.15 19:16:56 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=077D59BA0FD4007E841B6C670862B065 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2008.04.05 18:13:20 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=5B92133D3E7FB2644677686305E29E81 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2010.10.08 13:00:10 | 000,836,464 | ---- | M] (Opera Software) MD5=611BA6CD548C0CC7B4B6551913C1471B -- C:\Program Files\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.11.18 09:01:57 | 000,000,512 | ---- | M] () MD5=BFF8205E180E1FF7F8BBA4C0143F395F -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2007.11.15 23:41:48 | 000,000,372 | ---- | M] () -- \1\CoD4\CoD4\deamon pro\návod na crack.txt
[2009.05.12 21:54:30 | 006,559,231 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Top 1000 Classic Rock Songs of the Millennium\511.Cracker_-_Low.mp3.vir
[2006.04.24 09:22:14 | 006,638,616 | R--- | M] () -- \Program Files\Atari\Test Drive Unlimited\Euro\Radio\Radio Bot\Fix the Cracks - Humanzi.mp3
[2007.03.19 13:14:16 | 000,076,354 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\Levels\Mission_05\LMaps\train_lair_cracked_1029.lmap
[2007.03.22 09:01:36 | 000,000,252 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\materials\buildings\concrete_cracked02.mat
[2007.01.29 16:32:06 | 000,141,280 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\Meshes\Buildings\train_lair_cracked.3da
[2007.01.18 12:51:16 | 000,238,488 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\Meshes\LevelDesign\obst_cracked_tree.3da
[2007.01.18 12:51:14 | 000,238,488 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\Meshes\Nature\Mission_02\cracked_tree.3da
[2007.01.29 16:32:14 | 000,238,488 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\Meshes\Nature\Mission_05\cracked_tree.3da
[2007.01.18 12:52:04 | 001,398,232 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\Textures\Buildings\building_g_concrete-cracked01.tex
[2007.01.18 12:52:10 | 000,699,192 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\Textures\Buildings\building_g_concrete-cracked02.tex
[2007.01.03 10:53:26 | 000,011,040 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\Textures\Buildings\miasto\m_cracked_window.tex
[2011.09.22 10:50:29 | 000,000,114 | ---- | M] () -- \Program Files\JDownloader\jd\img\hosterlogos\cracked.com.png
[2013.01.10 19:25:58 | 000,004,412 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\CrackedCom.class
[2012.03.26 21:53:12 | 000,000,573 | ---- | M] () -- \Program Files\JDownloader2\jd\img\favicons\cracked.com.png
[2013.03.13 12:17:35 | 000,004,125 | ---- | M] () -- \Program Files\JDownloader2\jd\plugins\hoster\CrackedCom.class
[2010.09.05 10:06:19 | 000,006,448 | R--- | M] () -- \Users\David\AppData\Local\VirtualStore\Program Files\BitLord\Torrents\CRACKED BY SalaR TMbot Travian Manager.rar.torrent

< *keygen* /s >
[2007.11.06 21:47:04 | 000,098,304 | ---- | M] () -- \1\CoD4\CoD4\cod4.crac.keygen.by.steven\cod4.crac.keygen.by.steven\keygen.exe
[2003.12.04 10:47:40 | 000,071,378 | R--- | M] () -- \1\SOFT\NERO 6\Nero.6.Keygen-ORiON.ShareReactor.zip
[2003.07.12 01:06:04 | 000,070,144 | R--- | M] () -- \1\SOFT\NERO 6\NeroBR6000KeyGen_Working.exe
[2012.08.31 15:36:30 | 000,313,344 | ---- | M] () -- \Users\David\Desktop\Adobe-Photoshop-CS5-Keygen.exe

< *loader* /s >
[2010.11.24 19:07:22 | 000,001,069 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\ffxtlbr@Facemoods.com\content\Loader.js.vir
[2010.09.21 17:57:34 | 000,063,256 | ---- | M] () -- \Program Files\1C\111111\Binaries\win32\PhysXLocal\PhysXLoader.dll
[2007.03.16 09:43:10 | 000,349,648 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\Levels\Mission_06\mission_06_loader.tex
[2007.03.16 10:55:46 | 000,349,648 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\Levels\Mission_07\mission_07_loader.tex
[2007.03.22 09:01:22 | 000,951,106 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\LocalizedData\Levels\Mission_01_Loader.png
[2007.03.22 09:01:22 | 000,349,648 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\LocalizedData\Levels\mission_01_loader.tex
[2007.03.19 16:50:54 | 000,926,723 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\LocalizedData\Levels\Mission_02_Loader.png
[2007.03.19 16:50:54 | 000,349,648 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\LocalizedData\Levels\mission_02_loader.tex
[2007.03.19 16:50:54 | 000,885,631 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\LocalizedData\Levels\Mission_03_Loader.png
[2007.03.19 16:50:54 | 000,349,648 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\LocalizedData\Levels\mission_03_loader.tex
[2007.03.16 09:43:18 | 000,956,730 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\LocalizedData\Levels\Mission_04_Loader.png
[2007.03.16 09:43:18 | 000,349,648 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\LocalizedData\Levels\mission_04_loader.tex
[2007.03.19 13:14:32 | 000,778,172 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\LocalizedData\Levels\Mission_05_Loader.png
[2007.03.19 13:14:32 | 000,349,648 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\LocalizedData\Levels\mission_05_loader.tex
[2007.03.16 14:19:16 | 000,818,722 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\LocalizedData\Levels\Mission_06_Loader.png
[2007.03.16 14:19:16 | 000,349,648 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\LocalizedData\Levels\mission_06_loader.tex
[2007.03.16 14:19:18 | 000,890,469 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\LocalizedData\Levels\Mission_07_Loader.png
[2007.03.16 14:19:18 | 000,349,648 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\LocalizedData\Levels\mission_07_loader.tex
[2007.03.22 09:01:22 | 000,859,589 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\LocalizedData\Levels\Mission_08_Loader.png
[2007.03.22 09:01:22 | 000,349,648 | ---- | M] () -- \Program Files\City Interactive\The Hell in Vietnam\Data\LocalizedData\Levels\mission_08_loader.tex
[2008.04.08 09:54:14 | 000,000,115 | ---- | M] () -- \Program Files\Codemasters\GRID\audio\audio_loader.xml
[2008.04.17 21:02:14 | 000,001,028 | ---- | M] () -- \Program Files\Codemasters\GRID\Osd\osd_loader.xml
[2010.03.24 20:12:34 | 000,249,680 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 20:12:34 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2009.03.01 11:31:26 | 000,005,795 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.jpg
[2009.03.01 11:31:26 | 000,004,089 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.swf
[2008.09.01 15:37:03 | 000,005,795 | ---- | M] () -- \Program Files\ICQ6\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.jpg
[2008.09.01 15:37:03 | 000,004,089 | ---- | M] () -- \Program Files\ICQ6\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.swf
[2011.07.26 07:49:25 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.07.26 07:49:25 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.07.26 07:49:25 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2009.10.26 21:52:34 | 000,214,528 | ---- | M] () -- \Program Files\JDownloader\JDownloader.exe
[2011.04.15 01:36:46 | 000,593,293 | ---- | M] () -- \Program Files\JDownloader\JDownloader.jar
[2010.03.05 08:01:03 | 000,000,100 | ---- | M] () -- \Program Files\JDownloader\jd\img\hosterlogos\ipauploader.com.png
[2009.10.06 23:48:58 | 000,000,113 | ---- | M] () -- \Program Files\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2010.02.12 22:18:58 | 000,003,107 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\decrypter\UploaderRo.class
[2009.10.30 19:18:06 | 000,003,264 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\IPAUploaderCom.class
[2013.01.10 19:24:45 | 000,011,071 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\MyDownloaderNet.class
[2013.02.18 09:48:39 | 000,004,584 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\OmpLoaderOrg.class
[2013.01.10 19:24:08 | 000,007,073 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\UploaderPl.class
[2009.10.26 21:48:22 | 000,032,222 | ---- | M] () -- \Program Files\JDownloader\licenses\jdownloader.license
[2011.08.17 16:47:42 | 000,214,528 | ---- | M] () -- \Program Files\JDownloader2\JDownloader.exe
[2012.03.06 16:53:17 | 000,743,728 | ---- | M] () -- \Program Files\JDownloader2\JDownloader.jar
[2013.11.17 11:19:00 | 000,579,072 | ---- | M] () -- \Program Files\JDownloader2\JDownloader.log
[2013.03.27 21:52:02 | 000,000,226 | ---- | M] () -- \Program Files\JDownloader2\JDownloader.log.1
[2013.11.17 11:19:00 | 000,000,000 | ---- | M] () -- \Program Files\JDownloader2\JDownloader.log.lck
[2011.08.17 16:47:42 | 000,218,816 | ---- | M] () -- \Program Files\JDownloader2\JDownloaderBETA.exe
[2011.08.17 16:47:42 | 000,218,816 | ---- | M] () -- \Program Files\JDownloader2\JDownloaderD3D.exe
[2012.03.06 16:48:15 | 000,214,528 | ---- | M] () -- \Program Files\JDownloader2\JDownloaderNIGHTLY.exe
[2013.10.24 16:14:58 | 000,000,292 | ---- | M] () -- \Program Files\JDownloader2\jd\img\favicons\exclusiveloader.com.png
[2012.03.06 16:58:01 | 000,001,010 | ---- | M] () -- \Program Files\JDownloader2\jd\img\favicons\jdownloader.org.png
[2013.10.16 11:28:44 | 000,000,536 | ---- | M] () -- \Program Files\JDownloader2\jd\img\favicons\uploader.pl.png
[2012.10.10 19:55:22 | 000,011,082 | ---- | M] () -- \Program Files\JDownloader2\jd\plugins\hoster\MyDownloaderNet.class
[2013.03.04 18:57:38 | 000,004,584 | ---- | M] () -- \Program Files\JDownloader2\jd\plugins\hoster\OmpLoaderOrg.class
[2013.06.25 11:34:56 | 000,003,880 | ---- | M] () -- \Program Files\JDownloader2\jd\plugins\hoster\UploaderJp.class
[2012.03.06 16:54:57 | 000,032,222 | ---- | M] () -- \Program Files\JDownloader2\licenses\jdownloader.license
[2007.03.17 18:59:58 | 000,001,067 | ---- | M] () -- \Program Files\MediaCoder\extensions\_include\loader.html
[2010.05.19 09:42:58 | 000,001,648 | ---- | M] () -- \Program Files\Mv2Player\Config\C__PROGRAM_FILES_JDOWNLOADER_DOWNLOADS_LOVCI_POKLADU_KNIHA_TAJEMSTVI_2007_BY_KOITUS_LOVCI_POKLADU_KNIHA_TAJEMSTVI_2007_DVDR_CZ_LEMUR_VIDEO_TS_VIDEO_TS_IFO.mv2
[2008.07.14 14:55:58 | 001,560,576 | ---- | M] () -- \Program Files\Nokia\Nokia Map Loader\map loader.exe
[2009.01.21 14:30:04 | 000,003,072 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2009.06.27 21:44:30 | 000,163,840 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\PhysXLoader.dll
[2009.09.22 22:20:34 | 000,072,871 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\store_zetor7745Frontloader.png
[2009.09.22 22:20:32 | 000,062,357 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\store_zetorForterraFrontloader.png
[2009.06.27 21:43:52 | 001,574,510 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\steerable\fendt\fendt614_frontloader.i3d
[2009.06.27 21:43:52 | 000,005,013 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\steerable\fendt\fendt614_frontloader.xml
[2009.09.22 22:28:40 | 000,174,904 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\steerable\fendt\frontloader_diffuse.dds
[2009.09.22 22:20:32 | 001,930,540 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\steerable\zetor\zetor7745Frontloader.i3d
[2009.09.22 22:20:32 | 000,004,710 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\steerable\zetor\zetor7745Frontloader.xml
[2009.09.22 22:20:32 | 003,304,593 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\steerable\zetor\zetorForterraFrontloader.i3d
[2009.09.22 22:20:32 | 000,005,773 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\steerable\zetor\zetorForterraFrontloader.xml
[2009.09.22 22:31:02 | 000,174,904 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\steerable\zetor\zetorForterraFrontloader_diffuse.dds
[2009.06.27 21:39:30 | 000,077,314 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\tools\frontloaderBalefork.i3d
[2009.06.27 21:39:30 | 000,000,661 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\tools\frontloaderBalefork.xml
[2009.09.22 22:29:40 | 000,043,832 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\tools\frontloaderBalefork_diffuse.dds
[2009.06.27 21:39:30 | 000,071,544 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\tools\frontloaderPalletfork.i3d
[2009.06.27 21:39:30 | 000,000,662 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\tools\frontloaderPalletfork.xml
[2009.09.22 22:29:40 | 000,087,528 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\tools\frontloaderPalletfork_diffuse.dds
[2009.06.27 21:39:30 | 000,066,726 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\tools\frontloaderShovel.i3d
[2009.06.27 21:39:30 | 000,000,646 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\tools\frontloaderShovel.xml
[2009.09.22 22:29:40 | 000,087,528 | ---- | M] () -- \Program Files\TopCD\Traktor Simulátor\data\vehicles\tools\frontloaderShovel_diffuse.dds
[2006.10.07 18:36:22 | 000,699,216 | ---- | M] () -- \Program Files\UAZ Racing 4x4\Data\Menu\textures\Loader_Custom.dds
[2004.05.07 14:29:58 | 002,097,280 | ---- | M] () -- \Program Files\UAZ Racing 4x4\Data\Menu\textures\Loader_Finland.dds
[2004.05.07 14:29:58 | 002,097,280 | ---- | M] () -- \Program Files\UAZ Racing 4x4\Data\Menu\textures\Loader_Irland.dds
[2004.05.07 14:30:00 | 002,097,280 | ---- | M] () -- \Program Files\UAZ Racing 4x4\Data\Menu\textures\Loader_Kenya.dds
[2004.05.07 14:30:00 | 002,097,280 | ---- | M] () -- \Program Files\UAZ Racing 4x4\Data\Menu\textures\Loader_Nevada.dds
[2004.05.07 14:30:02 | 002,097,280 | ---- | M] () -- \Program Files\UAZ Racing 4x4\Data\Menu\textures\Loader_Poland.dds
[2006.10.07 18:36:22 | 000,699,216 | ---- | M] () -- \Program Files\UAZ Racing 4x4\Data\Menu\textures\Loader_Test.dds
[2006.10.23 12:00:50 | 000,002,537 | ---- | M] () -- \Program Files\UAZ Racing 4x4\Java\ClassReloader.class
[2010.05.19 22:22:30 | 000,974,336 | ---- | M] () -- \Program Files\VDownloader\VDownloader.exe
[2009.12.04 04:28:24 | 000,015,086 | ---- | M] () -- \Program Files\VDownloader\VDownloader.ico
[2010.03.19 04:25:22 | 000,003,584 | ---- | M] () -- \Program Files\VDownloader\ar\VDownloader.resources.dll
[2010.03.19 04:25:22 | 000,015,360 | ---- | M] () -- \Program Files\VDownloader\de\VDownloader.resources.dll
[2010.03.19 04:25:22 | 000,015,360 | ---- | M] () -- \Program Files\VDownloader\es\VDownloader.resources.dll
[2010.03.19 04:25:22 | 000,015,872 | ---- | M] () -- \Program Files\VDownloader\fr\VDownloader.resources.dll
[2010.03.19 04:25:22 | 000,015,360 | ---- | M] () -- \Program Files\VDownloader\it\VDownloader.resources.dll
[2010.03.19 04:25:22 | 000,016,384 | ---- | M] () -- \Program Files\VDownloader\ja\VDownloader.resources.dll
[2010.03.19 04:25:22 | 000,003,584 | ---- | M] () -- \Program Files\VDownloader\ko\VDownloader.resources.dll
[2010.03.19 04:25:22 | 000,014,848 | ---- | M] () -- \Program Files\VDownloader\nl\VDownloader.resources.dll
[2010.03.19 04:25:22 | 000,003,584 | ---- | M] () -- \Program Files\VDownloader\pt\VDownloader.resources.dll
[2010.03.19 04:25:22 | 000,015,360 | ---- | M] () -- \Program Files\VDownloader\pt-BR\VDownloader.resources.dll
[2010.03.19 04:25:22 | 000,028,672 | ---- | M] () -- \Program Files\VDownloader\ru\VDownloader.resources.dll
[2010.03.19 04:25:22 | 000,015,360 | ---- | M] () -- \Program Files\VDownloader\tr\VDownloader.resources.dll
[2010.03.19 04:25:24 | 000,024,576 | ---- | M] () -- \Program Files\VDownloader\zh-CHS\VDownloader.resources.dll
[2008.06.20 19:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2010.08.25 14:47:42 | 000,475,136 | ---- | M] () -- \Program Files\YouTube Downloader\YouTubeDownloader.exe
[2012.01.31 13:02:59 | 000,001,739 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012.01.31 13:02:59 | 000,001,718 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012.01.31 13:02:59 | 000,001,760 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2010.06.23 19:43:54 | 000,002,008 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia\Nokia Map Loader\Nokia Map Loader.lnk
[2010.06.23 19:43:54 | 000,001,801 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia\Nokia Map Loader\Uninstall Nokia Map Loader.lnk
[2010.05.22 12:19:31 | 000,001,746 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader Help.lnk
[2011.09.24 16:22:12 | 000,000,072 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader Help.url
[2011.09.24 16:22:12 | 000,001,841 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader.lnk
[2008.02.18 13:24:06 | 000,001,037 | ---- | M] () -- \Programme\iTNC530\340494\sys\usr\lib\gtk\etc\gtk-2.0\gdk-pixbuf.loaders
[2008.02.18 13:24:06 | 000,002,416 | ---- | M] () -- \Programme\iTNC530\340494\sys\usr\lib\gtk\etc\gtk-2.0\gdk-pixbuf.loaders.all
[2007.02.05 13:32:28 | 000,001,702 | ---- | M] () -- \SURFCAM\Velocity3\Trans\iopR16\lib3dx\intel_a\resources\msgcatalog\CATFMSaveLoadError.CATNls
[2007.02.05 13:32:28 | 000,000,584 | ---- | M] () -- \SURFCAM\Velocity3\Trans\iopR16\lib3dx\intel_a\resources\msgcatalog\CATMMSaveLoadError.CATNls
[2007.02.05 13:32:28 | 000,000,066 | ---- | M] () -- \SURFCAM\Velocity3\Trans\iopR16\lib3dx\intel_a\resources\msgcatalog\CATOMCATSDMSaveLoadError.CATNls
[2007.02.05 13:32:28 | 000,000,721 | ---- | M] () -- \SURFCAM\Velocity3\Trans\iopR16\lib3dx\intel_a\resources\msgcatalog\CATOMLoadError.CATNls
[2007.02.05 13:32:28 | 000,003,533 | ---- | M] () -- \SURFCAM\Velocity3\Trans\iopR16\lib3dx\intel_a\resources\msgcatalog\CATOMSaveLoadError.CATNls
[2007.02.05 13:32:28 | 000,004,548 | ---- | M] () -- \SURFCAM\Velocity3\Trans\iopR16\lib3dx\intel_a\resources\msgcatalog\CATOsmSaveLoadError.CATNls
[2007.02.05 13:32:28 | 000,000,621 | ---- | M] () -- \SURFCAM\Velocity3\Trans\iopR16\lib3dx\intel_a\resources\msgcatalog\CATSmBOMSaveLoadError.CATNls
[2007.02.05 13:32:28 | 000,000,098 | ---- | M] () -- \SURFCAM\Velocity3\Trans\iopR16\lib3dx\intel_a\resources\msgcatalog\CATStandardSaveLoadError.CATNls
[2007.02.05 13:32:28 | 000,000,832 | ---- | M] () -- \SURFCAM\Velocity3\Trans\iopR16\lib3dx\intel_a\resources\msgcatalog\OMCATSaveLoadError.CATNls
[2012.01.31 13:02:59 | 000,001,739 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012.01.31 13:02:59 | 000,001,718 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012.01.31 13:02:59 | 000,001,760 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2010.06.23 19:43:54 | 000,002,008 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Nokia\Nokia Map Loader\Nokia Map Loader.lnk
[2010.06.23 19:43:54 | 000,001,801 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Nokia\Nokia Map Loader\Uninstall Nokia Map Loader.lnk
[2010.05.22 12:19:31 | 000,001,746 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader Help.lnk
[2011.09.24 16:22:12 | 000,000,072 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader Help.url
[2011.09.24 16:22:12 | 000,001,841 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader.lnk
[2010.05.22 12:26:13 | 000,001,684 | ---- | M] () -- \Users\David\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VDownloader.lnk
[2009.12.30 09:28:30 | 000,000,610 | ---- | M] () -- \Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader Support.lnk
[2009.12.30 09:28:29 | 000,000,980 | ---- | M] () -- \Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader.lnk
[2009.12.30 09:28:32 | 000,000,970 | ---- | M] () -- \Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\Uninstall JDownloader.lnk
[2010.04.08 15:11:38 | 000,009,225 | ---- | M] () -- \Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}\content\scriptdownloader.js
[2010.05.19 10:39:06 | 000,034,614 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VIDEO_TS.VOB.bmp
[2010.05.19 10:39:15 | 001,036,854 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_03_1.VOB.bmp
[2010.05.19 10:39:18 | 001,036,854 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_04_1.VOB.bmp
[2010.05.19 10:39:22 | 001,036,854 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_05_1.VOB.bmp
[2010.05.19 10:39:25 | 001,036,854 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_06_1.VOB.bmp
[2010.05.19 10:39:28 | 001,036,854 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_07_1.VOB.bmp
[2010.05.19 10:39:31 | 001,036,854 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_08_1.VOB.bmp
[2010.05.19 10:39:34 | 001,244,214 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_09_1.VOB.bmp
[2010.05.19 10:39:37 | 001,244,214 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_10_1.VOB.bmp
[2010.05.19 10:39:40 | 001,244,214 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_11_1.VOB.bmp
[2010.05.19 10:39:43 | 001,244,214 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_12_1.VOB.bmp
[2010.05.19 10:39:44 | 000,034,614 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_13_0.VOB.bmp
[2010.05.19 10:39:44 | 000,034,614 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_13_1.VOB.bmp
[2010.05.19 10:39:44 | 000,034,614 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_13_2.VOB.bmp
[2010.05.19 10:39:45 | 000,034,614 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_13_3.VOB.bmp
[2010.05.19 10:39:45 | 000,034,614 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_13_4.VOB.bmp
[2010.05.19 10:39:45 | 000,034,614 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_13_5.VOB.bmp
[2010.05.19 10:39:48 | 001,244,214 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_14_1.VOB.bmp
[2010.05.19 10:39:52 | 001,244,214 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_15_1.VOB.bmp
[2010.05.19 10:39:55 | 001,244,214 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_16_1.VOB.bmp
[2010.05.19 10:39:58 | 001,244,214 | ---- | M] () -- \Users\David\Corel\WinDVD10\Playlist\Thumbnail\C__Program Files_JDownloader_downloads_surr DVD9 CZ_VIDEO_TS_VTS_17_1.VOB.bmp
[2009.12.30 09:28:30 | 000,000,828 | ---- | M] () -- \Users\David\Desktop\PROGRAMY\JDownloader.lnk
[2012.03.06 16:48:15 | 000,214,528 | ---- | M] () -- \Users\David\Desktop\PROGRAMY\JDownloaderNIGHTLY.exe
[2012.03.06 16:49:34 | 000,616,848 | ---- | M] () -- \Users\David\Desktop\PROGRAMY\JDownloaderSetup_3IC.exe
[2010.06.23 19:43:54 | 000,001,984 | ---- | M] () -- \Users\David\Desktop\PROGRAMY\Nokia Map Loader.lnk
[2010.09.14 09:26:30 | 000,000,051 | ---- | M] () -- \Users\David\Documents\TomTom\HOME\Backup\XXL\Backup01\InternalMemory\bootloaderversion.txt
[2010.05.22 12:19:31 | 000,000,919 | ---- | M] () -- \Users\virus\Desktop\YouTube Downloader.lnk
[2013.11.17 11:19:00 | 000,016,150 | ---- | M] () -- \Windows\Prefetch\JDOWNLOADER.EXE-1922E975.pf
[2008.04.05 18:12:47 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.20 08:34:54 | 000,070,936 | ---- | M] () -- \Windows\System32\PhysXLoader.dll
[4 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2008.04.05 18:25:38 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.04.05 18:25:38 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2008.04.05 18:25:38 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2008.04.05 18:25:02 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008.04.05 18:25:02 | 000,986,680 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048_winload.exe_75835076
[2008.04.05 18:25:02 | 000,926,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048_winresume.exe_85cd1215
[2008.04.05 18:24:53 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.04.05 18:24:53 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008.04.05 17:56:06 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16609_de-de_cbcaa800f7f71dcc.manifest
[2008.04.05 17:56:04 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16609_en-us_74bb7df9e6d52991.manifest
[2008.04.05 17:56:07 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16609_es-es_7486dadde6fc1b36.manifest
[2008.04.05 17:56:04 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16609_fr-fr_173e50dcd9ce3198.manifest
[2008.04.05 17:56:09 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16609_it-it_01664723b1001716.manifest
[2008.04.05 17:56:09 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16609_ja-jp_a38bc630a41b28f1.manifest
[2008.04.05 17:56:10 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16609_nl-nl_2dc76f586fdd2598.manifest
[2008.04.05 17:56:06 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20734_de-de_cc2ed396113192b6.manifest
[2008.04.05 17:56:04 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20734_en-us_751fa98f000f9e7b.manifest
[2008.04.05 17:56:07 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20734_es-es_74eb067300369020.manifest
[2008.04.05 17:56:04 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20734_fr-fr_17a27c71f308a682.manifest
[2008.04.05 17:56:09 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20734_it-it_01ca72b8ca3a8c00.manifest
[2008.04.05 17:56:09 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20734_ja-jp_a3eff1c5bd559ddb.manifest
[2008.04.05 17:56:10 | 000,003,726 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20734_nl-nl_2e2b9aed89179a82.manifest
[2008.04.05 18:08:18 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.04.05 17:56:03 | 000,005,227 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16609_none_59497e266f783366.manifest
[2008.04.05 17:56:03 | 000,005,227 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20734_none_59ada9bb88b2a850.manifest
[2008.04.05 18:06:55 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2006.11.02 11:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.04.05 18:05:17 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2006.11.02 13:32:26 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6000.16386_none_43bd59f592b7be86\dmloader.dll
[2008.04.05 18:12:47 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 192 bytes -> C:\ProgramData\TEMP:8927A071

< End of report >

OTL Extras logfile created on: 18.11.2013 8:58:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\David\Desktop
Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 44,94% Memory free
6,21 Gb Paging File | 4,51 Gb Available in Paging File | 72,69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 92,31 Gb Free Space | 19,82% Space Free | Partition Type: NTFS
Drive E: | 29,91 Gb Total Space | 0,95 Gb Free Space | 3,18% Space Free | Partition Type: FAT32

Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-493184601-2494964019-3008129617-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0128523A-3CEF-489E-93E5-6AD039E60DE8}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{045F7F06-F42D-48FF-9CF9-A0F01F36873B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{06ECAC24-9CB3-4F91-8C18-E83BEF797C52}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{071417D1-9FAD-49B7-A169-CDCA456253FE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0AB1AF1F-DACB-4550-97F8-05A13FC4B853}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{0BD6D12C-8969-4DA8-8F21-5BF7A55974CB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{10D01A24-6921-4524-84F2-229B96EABF6E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{1A83866E-5660-4BE5-8A5E-7C0305198ABB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{1B3EECB5-C698-42D8-91CE-508282228FE9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{205D8BD4-4069-40F1-BA1D-49BCF745D7B0}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{21C96F51-82E6-469B-9C32-ABB24CCB7134}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{23E8D16C-E892-42DA-BCB2-4F04A01ADE79}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{288182B6-CAF6-4ED0-B570-E4D24448EF44}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{2A105EDB-DFDF-4ED1-96BA-4EAF555D0A33}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{2ACC77EA-B016-412B-90BD-F0237273BB69}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{2CBADB61-5DDA-41AA-8A79-0578D549C928}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{3A0EDE88-9E23-434F-8EB9-E8E2EC0AFBE6}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{3F4EF122-BF01-4A8F-B0F2-926A3CA71A3A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{42558362-5575-497C-A8F5-742974617EB3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{4944EBB3-A2E8-4F38-9ED7-25CC1B135B82}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{4DBDFD2C-2D97-4434-87FC-F9F1A3E1FAE2}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{4FF7ACA8-FF58-404D-BB45-D93B83458A1F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{51E799CD-A72D-4F99-98F2-E60B7AC2308D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{54B9A21F-F6FB-478B-B90A-25AB79F2246F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{5DFAD3AD-ACCD-4EB3-8A3C-F33B4B1C0D16}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{60086FBD-8C2E-42D2-A197-2F0EBD34D775}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{62A478CA-AE14-4A60-B75C-98D73488A41C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{648801C7-E047-48B5-ADC9-6BEB7EB33ED9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{68A512CC-097A-4BA3-A0A6-B0123AC91548}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6BD405A3-DB9A-48C0-8B24-EC63840FB1FC}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{6FD6A2FB-2742-45AC-A43A-34C7151E95B9}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp1\rpcagentsrv.exe |
"{7190510C-01DE-46A2-8FAA-E0BE13F7C553}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{74355740-6E88-4838-92C3-300A68BAB1F4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{7844B491-6742-4DA4-A75E-642EA0652796}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{795907A1-E22D-40A4-A6E5-A5C44A9AE796}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{7A4AF4F3-3F0E-43B9-93FF-5CB1870D6D8F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{7CABB88A-3E5D-4DF2-BC0B-FB4EB0582AA1}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{800B1A10-2986-471F-9060-E4B999AE5E1F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{83B7F259-AA97-4469-9561-9BBD4F9866A4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{84C96818-2833-49DC-A73D-3834025C1337}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{8507D3DC-0CD9-4789-A6B6-92995D4C36BB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{8557C131-4FC1-4CC9-891A-15F2680123C5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{87321C1E-A12D-4824-BD50-1863CF0C57C3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{881372B3-C4BC-4F86-A2DD-1D02074992AF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{901051BA-C6BC-46C5-9F74-FF28F74DBFBA}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{959D10F4-E425-4B58-A5AD-FC25233CD696}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{9ADCEB3D-9788-41ED-B6E1-A534D38CF227}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{9E429D5B-36BB-4D16-A860-A1402773B1DB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{A0F5A0DF-44F4-40A9-9521-81AEB331B93C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{AB075DC1-7130-4FC6-B466-51137BF69B4A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{B0A05448-376C-4AD0-BEFE-DA26184D6072}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{B3E88114-2088-479E-9720-35730F82DF07}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{B6748F50-AA2C-4E6F-AD26-5F0488F825EF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{B82AA26C-9A06-400C-9E75-B555EFE50BE8}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{B992A223-39D3-454A-BD7E-DC3C65E6FDD0}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{B9EE3061-6044-4C56-9CBC-D00F23BDE0D7}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{C00FB30E-30D2-419F-A3C5-55EA69A8987D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{C2E08C64-4265-4A49-AF41-7700DF334623}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{C4B16D87-1C90-4B6D-AFE3-9427B7BD5F76}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{C5C23F40-63C7-4D6B-8DD9-D6E51AB54376}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{C73CBDCE-F425-4973-ABC4-4431B3D3BC4D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{C76768CC-0026-490E-A217-C9E17F04DB2F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{D0D35644-C804-4D51-92AF-0C8865958EEF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{D4938F82-4D94-45A7-9F04-6DF84758D41B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{DF77390D-3322-41C7-B450-DBC4532F4BCA}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{DFE961E8-57E3-45E1-9B4B-A90AF89E1124}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{E14A3799-CE4C-4A83-B2D8-3DBF090894FD}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{E208A62A-8934-4E29-8966-1756ED17B2CB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{E42211B3-E1AB-4FA7-8CED-3658B987D024}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{E4DC48F3-E1F9-4BFA-B0A2-C7C2734139AB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{E5E54347-155D-4A5F-9828-3CE9753FA579}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{E8DDBAD4-B252-4D23-954F-95A11EBA7CCC}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{ECF5C28D-49B4-43A9-AC86-72A326DAA8AB}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp1\wnt500x86\rpcsandrasrv.exe |
"{EFBE736B-48BD-4AD2-A058-304C66EEDA5E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{F5BB1BBF-2034-48BB-8E40-96A14C956106}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{F63E56FC-CCFE-48E9-9ACC-1A94261E4E98}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{F94E6446-8112-4E6A-9A57-7A4AD58878A4}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{FDB10B85-0A73-48DF-9BDC-4BE852069134}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01E3A59D-BC2A-40B5-9E97-1E37B0018470}" = dir=in | app=c:\program files\tmbot\tm.exe |
"{040F57E0-8F5E-490E-B8A1-958926F1CF65}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{08AB0119-A199-4838-93BE-B53988EE96AA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0A5003B1-6490-42DB-8063-38DF7CB40215}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0EE35C2C-A042-4D9C-87FE-1D537B631008}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe |
"{13F2F0A8-3971-4994-9D4E-58546C0AE032}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{15100D2D-9AE0-4CD6-858E-B3BE7ACFA86A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{19B0507D-441D-429D-AF8B-DA6073711356}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1B9A6E99-256B-4DFF-93E7-B01937C032CC}" = protocol=17 | dir=in | app=c:\program files\codemasters\fuel\fuel.exe |
"{1E3373AC-7AF7-4A85-BC44-2FB2137C554B}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{1F0C2F09-4A9B-4FF6-A22C-99B14506B2A7}" = protocol=17 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{211DDB2F-E7F5-4AD6-92A7-65D72948B684}" = protocol=6 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutlauncher.exe |
"{2206546C-EE53-4693-B1AA-7A8548BB9B48}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe |
"{237AA9CF-C057-4D35-B8BC-7529EFC36758}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B68AE6F-38A5-4DE3-8F8C-56B3F6F8A691}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{2E3B02EF-6DB8-4E8A-BE7C-CD101C94714A}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe |
"{2F04EA53-64E8-49DB-83EE-E26E6E8BD6F6}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{30BCB0B2-37ED-4AE9-8419-D8BA9EC6430F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{45C8722E-F1D8-487F-ABBB-1B6E4F967EC5}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe |
"{478C0E26-100B-47FF-A1CC-B9272CCEC0E2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4BF75B48-FC07-4ECC-8609-443D6C81B8A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4DEBDF81-1ED1-41BB-AA1B-8EEA167E8424}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{519FF9FB-2248-4084-B7C5-8C6F040EC728}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{55897376-FF64-4E27-BD28-F8460B63B14A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5C0DA66F-2A3B-48BE-9462-A2663DD58710}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{64027B0E-4335-4217-8B40-C2D2D8F92E3E}" = protocol=6 | dir=out | app=system |
"{659753E6-AECC-4783-A0AB-4341449F11C7}" = protocol=17 | dir=in | app=c:\program files\codemasters\grid\grid.exe |
"{680E43F6-A2AA-4B22-8549-D5C6EED920A2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6AF84145-359F-4C04-94B4-F8841844B396}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe |
"{75171336-21CF-49F3-938A-EDC2256337B9}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{7732871B-0E08-4B71-9AAF-6DCB14F46943}" = protocol=6 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{79E26349-91ED-4CE8-AC27-96A3E8EC236D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7C024ABF-3598-4412-9745-D254D799DB31}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{81507969-C66E-4099-9741-127ED200E992}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{81BADA6E-899C-49C4-9214-508F9E54EE41}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{829D18A8-06C8-4027-8CF5-1FC9B275A937}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe |
"{84E3B4E8-2554-4D13-8BA9-6052B1600BAF}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe |
"{86BCC05D-BDFD-466A-9381-86D069EF46CD}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{86EAC641-6FD6-4572-8C51-A2E9D096B135}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{871625DC-8942-4568-A739-F6989EB12DBB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{87226A3A-955F-4D93-B4F1-A08EB12148A4}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe |
"{8970BB28-C59E-4866-9CFA-D5859281CB06}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{8A24DF9C-2593-48E2-A34C-D53FEFC677DD}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{8AFC48F4-6FBC-4A9A-964A-F1C4AB29B4C8}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{8B917F08-3B2D-4996-8267-A7856C6280B6}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe |
"{8D71716D-C577-42E6-BBF8-80FC5BC59C1D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8FFDCB05-B779-471F-8127-D4EC7B076C16}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2editor.exe |
"{90A44BD2-0F81-4287-AA6A-736A660C3A29}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{98F0FC43-F4F3-4D8B-B5DE-93FB0C0D373E}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) |
"{9B8BB147-A97E-4898-A72B-FFC04AFBA12E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9BE9E846-BC38-490C-8FCF-3F2DCE9063B5}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe |
"{9C617197-1B6E-46EE-B143-6AF81273932D}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{A026DE70-6799-4887-AB66-03105DA6A9A9}" = protocol=6 | dir=in | app=c:\program files\codemasters\fuel\fuel.exe |
"{A2F48B16-F8AC-45D9-80B7-35401F046732}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A2F96D3E-3A50-423B-A8A4-19C519851E52}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A4F84BA2-C2C3-4017-8065-3FD44F4D15BE}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{A530C8C2-A882-4FD2-BA20-AC4638F16847}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{AD677039-8553-45D8-9A07-8B7C231C4DFD}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{B225D320-F378-4151-ACFE-4DDC914245F9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{BBAD2E3F-EA94-4C1B-963D-F5B42DE195C0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{BC1ECE39-9D75-46EB-8EDF-D672CE316E59}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe |
"{BE2E59EF-D7F1-4D65-B3DF-A554D420A3FC}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\fc2launcher.exe |
"{BF346ECE-2A63-49A9-B55E-F5CA8776DBED}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C3BBA8BA-D35B-4EC7-8B99-3111E11786A9}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{C47BA611-3AB7-4519-B991-1A87DC0F5B25}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C50BD99E-6C3E-4578-ADC7-4B300D0A1C96}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{C673C926-D7FA-4F3A-A9EA-4D5E670C2E25}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C843C5A5-F5AB-464D-9CB8-F41CD3B35611}" = protocol=6 | dir=in | app=c:\program files\codemasters\grid\grid.exe |
"{C956A54C-7669-47F7-B9DF-7D372B06761C}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe |
"{CED7D9E6-B3AC-4D16-B16E-BD0D16CB7B3C}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{D13E65D8-A440-47FE-A30A-48159AAC1F54}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{D45D45D8-6CC7-4A77-BE29-902A70193FD1}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe |
"{D4FE305E-44F7-417C-97EC-660A819BF166}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D51C917B-C2BC-41F2-9418-5BAB93D4A4F6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D573BF58-8FFF-400D-90DD-D8F6A8157286}" = protocol=17 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutlauncher.exe |
"{D5E50078-88B7-435F-9877-854003F2C6B7}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{D962AB91-D9E5-405D-9AD5-B4D911EB1AE7}" = dir=out | app=c:\program files\tmbot\tm.exe |
"{D9A57898-C2A5-4C4D-B403-BD30B683F037}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D9D6F7A8-EB17-4314-8375-C0B59A32F5A2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{DA338E2F-9E68-4BCB-A50D-263FFC6FB7B3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DBE2EE90-1E7D-40A6-831D-6AB974C2C4D4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DC74844B-0DD5-4729-809D-1E2DEE856335}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E0E45D25-E5AE-457E-9D64-B8AB46A1645E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E1A46DC7-3E4F-4C6B-B218-58AC9DD830CC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E2BF8B5B-4E3A-44E2-8472-5C8A03212777}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{E96E55FE-0897-4680-A941-82E5F4D51E52}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe |
"{EC5609C8-934D-4AC7-B957-985BE7D5A3A9}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{F2CEF5D4-2A5D-44E4-80C3-306CF6DFF540}" = protocol=17 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{F55A1C12-E0B2-4F9D-A6D1-CF76B51ABEB2}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{F9021D6D-2F75-44B9-A6F3-F652269E509F}" = dir=in | app=c:\program files\tmbot\dj-browser.exe |
"{F91B2B38-096C-4023-AC4B-75C09BFFD25F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FE312806-A423-451E-88C8-00C799982AC4}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{FF9AC9AA-9607-496A-9E44-C23F5522EAA1}" = protocol=6 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{FFEDE648-E55A-4092-AC95-728BD186F89E}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"TCP Query User{0F6678A4-45F0-42DE-98A1-5867F0DBD8DC}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{1066FB69-67C5-46E6-A879-08E0784AD6D6}C:\program files\1c\111111\binaries\win32\pp3.exe" = protocol=6 | dir=in | app=c:\program files\1c\111111\binaries\win32\pp3.exe |
"TCP Query User{1A58D610-2C82-4EC0-8E41-3ABE1B80F353}C:\programme\itnc530\340494\sys\bin\plc.exe" = protocol=6 | dir=in | app=c:\programme\itnc530\340494\sys\bin\plc.exe |
"TCP Query User{1B42E1B7-D68B-44E8-A21C-873825FC0E8C}C:\program files\bitlord\bitlord.exe" = protocol=6 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"TCP Query User{253EB6EE-AAA8-4710-AADB-B9ED9A69D8B9}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{315D8679-3E5C-439D-8975-1E2359284A0F}C:\programme\itnc530\340494\sys\bin\regel.exe" = protocol=6 | dir=in | app=c:\programme\itnc530\340494\sys\bin\regel.exe |
"TCP Query User{37E11259-477E-461D-BDDA-68A0DAA3963C}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{38E49FA5-C319-414A-8FCB-73AC58CE31AB}C:\programme\itnc530\340494\xwin\bin\xwin.exe" = protocol=6 | dir=in | app=c:\programme\itnc530\340494\xwin\bin\xwin.exe |
"TCP Query User{3BB0A17F-C8D4-4F6F-9AE1-6C3A24CAA0D0}C:\program files\codemasters\grid\grid.exe" = protocol=6 | dir=in | app=c:\program files\codemasters\grid\grid.exe |
"TCP Query User{3FEC1889-EAB7-41B0-B56E-65C58AE0BE74}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{51ED4D8C-43AB-46CF-A2ED-52B29FF0B1E4}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{5E053B13-78CF-47BC-A46E-341A61F1CDCB}C:\program files\activision\call of duty - world at war\codwaw.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe |
"TCP Query User{61807032-7C16-40D3-BAB4-7003348CF2D1}C:\program files\atari\test drive unlimited\testdriveunlimited.exe" = protocol=6 | dir=in | app=c:\program files\atari\test drive unlimited\testdriveunlimited.exe |
"TCP Query User{623BDE67-2748-40B3-9679-6CC9E653DED4}C:\programme\itnc530\340494\sys\bin\geo.exe" = protocol=6 | dir=in | app=c:\programme\itnc530\340494\sys\bin\geo.exe |
"TCP Query User{64530020-8EB2-4CE0-91B6-DCE1E3244C0B}C:\program files\bitlord\bitlord.exe" = protocol=6 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"TCP Query User{AAABCFA2-60DE-4308-AC49-5508BEE4CE69}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{BF2B158D-8A83-408D-BD3C-B733C146F9BA}C:\programme\itnc530\340494\sys\bin\ext.exe" = protocol=6 | dir=in | app=c:\programme\itnc530\340494\sys\bin\ext.exe |
"TCP Query User{C047899D-3C3C-47E9-BE4C-1652B9224D8F}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{D51A850D-FC69-4E52-AF6A-986FEE891502}C:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"TCP Query User{EDC12D80-54CA-4927-AA19-9F60CE9DC1F8}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{F76A7CE6-DC8F-4386-8840-E0339902AFCB}C:\program files\atari\test drive unlimited\testdriveunlimited.exe" = protocol=6 | dir=in | app=c:\program files\atari\test drive unlimited\testdriveunlimited.exe |
"UDP Query User{045CA067-98EE-40E5-92D5-CD6E36AC47DD}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{2299148D-B527-4455-8CAD-52E321777EC1}C:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"UDP Query User{2EB0964A-641F-4C2F-8810-490DFBEFBE8C}C:\program files\atari\test drive unlimited\testdriveunlimited.exe" = protocol=17 | dir=in | app=c:\program files\atari\test drive unlimited\testdriveunlimited.exe |
"UDP Query User{36319696-BC30-42F4-AC0F-949B384398A9}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{43B011D9-AABA-48DD-8CA5-42EE6DE96A43}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{58465981-F706-490F-995B-FE718EC1AE7C}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{60B80050-4536-4318-93CF-0A072CAF7E91}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{65AFD728-0BE3-4000-8724-55CB4D7AA6DA}C:\programme\itnc530\340494\sys\bin\geo.exe" = protocol=17 | dir=in | app=c:\programme\itnc530\340494\sys\bin\geo.exe |
"UDP Query User{6E818440-4CC0-4E20-93A8-FCF0DB814AD1}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{7EE0E930-5794-46DA-A43A-2C8357322F3E}C:\programme\itnc530\340494\sys\bin\plc.exe" = protocol=17 | dir=in | app=c:\programme\itnc530\340494\sys\bin\plc.exe |
"UDP Query User{8414237A-686D-4721-97FB-CED2611E40AF}C:\programme\itnc530\340494\sys\bin\ext.exe" = protocol=17 | dir=in | app=c:\programme\itnc530\340494\sys\bin\ext.exe |
"UDP Query User{9399F708-94E6-445D-95B1-8ECA7548D5B9}C:\program files\bitlord\bitlord.exe" = protocol=17 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"UDP Query User{96264E5E-6138-4FDD-9FF0-EF13190D4065}C:\program files\bitlord\bitlord.exe" = protocol=17 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"UDP Query User{97576542-B2FA-4974-A837-CFAA85A7D861}C:\program files\1c\111111\binaries\win32\pp3.exe" = protocol=17 | dir=in | app=c:\program files\1c\111111\binaries\win32\pp3.exe |
"UDP Query User{9AF9B924-6724-4E82-A855-DB0ADC35C91D}C:\programme\itnc530\340494\sys\bin\regel.exe" = protocol=17 | dir=in | app=c:\programme\itnc530\340494\sys\bin\regel.exe |
"UDP Query User{AA855D47-9D7D-4332-8AB2-E84412AE2E14}C:\program files\activision\call of duty - world at war\codwaw.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe |
"UDP Query User{B531526D-2870-4614-B70E-69A12C1553AF}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{C2AC9309-F748-4EB3-8FA7-2041E7202F8C}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{EF71D248-3028-477F-B4A3-D4130ED98B1A}C:\program files\codemasters\grid\grid.exe" = protocol=17 | dir=in | app=c:\program files\codemasters\grid\grid.exe |
"UDP Query User{F4F1D4BD-734F-458E-9745-848967DA3B11}C:\program files\atari\test drive unlimited\testdriveunlimited.exe" = protocol=17 | dir=in | app=c:\program files\atari\test drive unlimited\testdriveunlimited.exe |
"UDP Query User{FD5646AA-CF8B-4F86-BF7C-2CD4DCF814D4}C:\programme\itnc530\340494\xwin\bin\xwin.exe" = protocol=17 | dir=in | app=c:\programme\itnc530\340494\xwin\bin\xwin.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{0D637670-BC00-4FAC-8E00-518EB7F65091}" = Angry Birds Rio
"{18B5996A-643E-4176-9BEB-27C45C9F1FC3}" = Nokia Map Loader
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.1
"{1ABDE5A0-2F9C-4B33-8A53-B12377CF8643}" = 4x4 Hummer
"{1AD473D7-7A47-5AEC-B45D-9B87414E7175}" = Digital Video Converter v1.11.0.32
"{1CC535A8-BD37-4AD5-BF85-1C366873BA47}" = Street Racing Syndicate (TM)
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{2D7C3E18-E696-4B67-8B5D-45CD3BE6B27E}" = SweetIM for Messenger 3.0
"{300B9E83-E406-4DF7-8A21-E8A90E4F8B91}_is1" = Convert DVD to AVI 1.1
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{463B1489-1377-4B2A-A718-B1E3E4D4B836}" = UAZ Racing 4x4
"{4E31D9A6-245B-41A6-949D-C7B029A703D2}" = iTNC530 (340494)
"{50E4FCC7-90B9-48C6-9D17-7AE66F282878}" = Juiced2_HIN
"{518A54AE-002F-406F-BB48-620676AB9960}" = Anno 1404
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{5EBAC9CB-97D7-44CD-A82D-4FCB37F582AC}" = World Racing 2
"{5F5623DF-7951-4D32-8897-73E0A6BC2AA7}" = Samsung PC Studio
"{60278415-7204-4603-BA8C-574303706FAC}_is1" = Leawo Free DVD to AVI Converter version 2.3.1.0
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{768F22DC-2D20-4F52-A9A1-5E231FB7F752}" = Logitech Gaming Software 5.04
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7A27764B-5434-4DAA-BD43-3ACF4FFCD7FE}" = SweetIM Toolbar for Internet Explorer 3.8
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7D2370AC-D8E6-4996-986A-19824F8A167C}" = Logitech QuickCam
"{7D42B43A-EA63-4234-B00A-757C15B2B185}_is1" = AVI Converter version 1.2.2.2
"{7FF0ACFE-4346-4D9D-B822-C69B99AAE1FC}" = Microsoft_VC80_MFCLOC_x86
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8ADE1C0F-CC4B-46CC-92E2-855B6E39BD2A}" = WRC 2 FIA World Rally Championship
"{8AE28FB8-B8AE-4B58-A5FE-77F45E462BAE}" = Microsoft_VC80_MFC_x86
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90850405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{9135BA5B-51B4-49BF-867A-D152B5CE67D4}" = Off Road
"{930439A1-B49E-4A54-A499-31BDC1A91DE5}" = Shockwave Player
"{950A8D14-C48E-4508-B377-1EA45A18FA3D}" = Camtasia Studio 4
"{95140000-00AF-0405-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{952D88D2-3E6F-4E40-8553-8070FEFCE5CD}" = Adobe Creative Suite 5 Master Collection
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99072AB4-D795-44D5-9D65-E3C9F8322C97}" = TomTom HOME
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1" = Convert AVI to MP4
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 2.8.387
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AF890091-2603-C1C6-DCD6-B8799D4FB464}" = Adobe Community Help
"{B17E235C-7A3B-4482-B650-21FFDE1D452E}" = Empire Earth III
"{B8372C2D-9549-4C85-83FE-BBD29D95D4C0}" = SCAR
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BD46B7ED-69E1-473E-93F1-398F4CEEEF9B}" = FormatFactory
"{BDA825AD-D60B-4935-9590-B0F1AC2E0D22}" = MotoGP 08
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2196}_is1" = SiSoftware Sandra Lite 2009.SP1
"{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
"{CB07E706-5DD7-4093-83A1-1430D5B6FA75}" = Microsoft_VC80_ATL_x86
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC419DDC-E0F0-4013-B25A-6FA036516F0D}" = Need for Speed™ ProStreet
"{CC4729BF-0396-47EF-AA0B-3A04111F19F9}" = FightBoard Advanced 1.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0071C79-4B13-4F51-9D6F-6DD271F2ED86}" = KeyProwler Pro
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2ECAEB9-1ACD-4DA2-B3F6-4A94A429FC8C}" = Legendary
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E4BB976A-A6E5-49A4-9885-A58B519C2705}" = WRC 2 FIA World Rally Championship
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EDFE2142-CFB3-44AB-A961-DE85F6408A28}" = Sentinel Protection Installer 7.3.2
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F51FF206-2273-4B3E-A90A-4752AE288C12}" = FUEL
"{FFB332F6-8FEE-4CEE-BC9E-56EBEA89431E}" = SURFCAM VELOCITY 3.0
"4shared Desktop" = 4shared Desktop
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Any DVD Converter Professional_is1" = Any DVD Converter Professional 4.0.5
"APE To MP3 Plus" = APE To MP3 Plus
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"aTube Catcher" = aTube Catcher
"avast!" = avast! Antivirus
"AVS Media Player_is1" = AVS Media Player 3.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"BitLord" = BitLord 1.1
"BSPlayerf" = BS.Player FREE
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"Carmageddon_is1" = Carmageddon
"CCleaner" = CCleaner
"Clownfish" = Clownfish for Skype
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Czech Racer_is1" = Czech Racer 1.0
"Dll-Files Fixer_is1" = Dll-Files Fixer
"Doom (engine Doomsday 1.9.8.1)" = Doom (engine Doomsday 1.9.8.1)
"Doom (engine GZDoom 1.5.06)" = Doom (engine GZDoom 1.5.06)
"DualCoreCenter_is1" = DualCoreCenter
"DVD Shrink_is1" = DVD Shrink 3.2
"DVD To AVI Converter_is1" = DVD To AVI Converter 4.0
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 4.1)
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.3)
"Flac Ripper_is1" = Flac Ripper 4.0.1
"FLVPlayer" = FLV Player 1.3.3
"foobar2000" = foobar2000 v1.0.3
"Foxit Reader_is1" = Foxit Reader
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"GSA Email Spider_is1" = GSA Email Spider v5.99
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"ICQ Password" = ICQ Password
"ImgBurn" = ImgBurn
"InstallShield_{5EBAC9CB-97D7-44CD-A82D-4FCB37F582AC}" = World Racing 2
"InstallShield_{D2ECAEB9-1ACD-4DA2-B3F6-4A94A429FC8C}" = Legendary
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.9.0
"Mad Rally_is1" = Mad Rally
"MAGIX Music Maker 16 Premium Download Version UK" = MAGIX Music Maker 16 Premium Download Version
"MAGIX Screenshare UK" = MAGIX Screenshare
"MAGIX Speed burnR UK" = MAGIX Speed burnR
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"MediaCoder" = MediaCoder 0.6.0
"Messenger Key" = Messenger Key 9.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MKV TO AVI CONVERTER_is1" = MKV TO AVI CONVERTER version 3.22
"Mozilla Firefox 25.0.1 (x86 cs)" = Mozilla Firefox 25.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MV2Player" = MV2Player (remove only)
"Nero - Burning Rom!UninstallKey" = Ahead Nero 6 Demo
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Painkiller - Battle Out of Hell_is1" = Painkiller - Battle Out of Hell 1.64
"PEKI dictionary" = PEKI dictionary 1.21
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PunkBusterSvc" = PunkBuster Services
"QcDrv" = Logitech® Camera Driver
"RealPlayer 6.0" = RealPlayer
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"save2pc Light_is1" = save2pc Light 4.12
"Share Search Tool_is1" = Share Search Tool
"Spyware Terminator BETA_is1" = Spyware Terminator BETA
"THIV_is1" = The Hell in Vietnam
"TMbot_0" = TMbot 3.4.0
"Traktor Simulátor_is1" = Traktor Simulátor
"Ultra MKV Converter_is1" = Ultra MKV Converter 3.2.0610
"VLC media player" = VideoLAN VLC media player 0.8.6i
"Winamp" = Winamp
"Winamp Toolbar for Firefox" = Winamp Toolbar for Firefox
"WinRAR archiver" = WinRAR
"WinZip" = WinZip
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-493184601-2494964019-3008129617-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Antivirus Events ]
Error - 30.4.2010 23:43:50 | Computer Name = David-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\tdh.dll failed, 00000005.

Error - 24.9.2011 11:26:46 | Computer Name = David-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www.instaluj-download.cz/interne ... atcher.exe
failed, 00000084.

Error - 8.10.2012 4:30:36 | Computer Name = David-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://files.dsnetwb.com/aTube_Catcher.exe failed, 00000084.

[ Application Events ]
Error - 16.11.2013 17:35:13 | Computer Name = David-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 16.11.2013 17:35:14 | Computer Name = David-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 17.11.2013 3:48:10 | Computer Name = David-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 17.11.2013 3:48:21 | Computer Name = David-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 17.11.2013 3:48:38 | Computer Name = David-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 17.11.2013 10:17:24 | Computer Name = David-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 17.11.2013 10:24:21 | Computer Name = David-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 17.11.2013 10:24:24 | Computer Name = David-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 17.11.2013 10:25:10 | Computer Name = David-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 17.11.2013 11:06:49 | Computer Name = David-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

[ System Events ]
Error - 18.11.2013 4:09:49 | Computer Name = David-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume1 spustit nástroj chkdsk.

Error - 18.11.2013 4:09:49 | Computer Name = David-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume1 spustit nástroj chkdsk.

Error - 18.11.2013 4:09:49 | Computer Name = David-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume1 spustit nástroj chkdsk.

Error - 18.11.2013 4:09:49 | Computer Name = David-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume1 spustit nástroj chkdsk.

Error - 18.11.2013 4:25:41 | Computer Name = David-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume1 spustit nástroj chkdsk.

Error - 18.11.2013 4:25:54 | Computer Name = David-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume1 spustit nástroj chkdsk.

Error - 18.11.2013 4:26:04 | Computer Name = David-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume1 spustit nástroj chkdsk.

Error - 18.11.2013 4:26:16 | Computer Name = David-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume1 spustit nástroj chkdsk.

Error - 18.11.2013 4:26:33 | Computer Name = David-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume1 spustit nástroj chkdsk.

Error - 18.11.2013 4:26:45 | Computer Name = David-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek \Device\HarddiskVolume1 spustit nástroj chkdsk.

Odinstalujte McAfee Security Scan a Spyware Terminator

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\systormflb.sys -- (systormflb)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
  DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
  DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
  DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aa1rjml0)
  IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKLM\..\URLSearchHook: - No CLSID value found
  IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
  IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
  IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
  IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
  IE - HKU\S-1-5-21-493184601-2494964019-3008129617-1000\..\URLSearchHook: - No CLSID value found
  IE - HKU\S-1-5-21-493184601-2494964019-3008129617-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
  FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.0.5
  FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
  FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
  [2011.05.13 17:13:14 | 000,002,342 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icq-search.xml
  [2012.08.29 18:32:20 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-16.xml
  [2012.09.09 08:17:41 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-17.xml
  [2012.10.12 21:38:51 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-18.xml
  [2012.10.28 21:52:12 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-19.xml
  [2012.12.04 15:12:03 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-20.xml
  [2013.01.11 20:45:05 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-21.xml
  [2013.01.21 15:43:27 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-22.xml
  [2013.02.11 17:41:26 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-23.xml
  [2013.02.25 11:53:11 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-24.xml
  [2013.03.13 17:05:11 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-25.xml
  [2013.04.05 06:05:43 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-26.xml
  [2013.04.11 21:43:01 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-27.xml
  [2013.06.26 07:47:53 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-28.xml
  [2013.08.10 10:44:39 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-29.xml
  [2013.08.18 11:49:10 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-30.xml
  O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
  O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
  O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
  O33 - MountPoints2\{8082172b-bdeb-11dd-8947-0021855aba5b}\Shell - "" = AutoRun
  [2013.11.17 08:40:56 | 000,112,107 | ---- | C] (forum.viry.cz) -- C:\Users\David\Desktop\VerzeOS.exe
  [2013.11.16 22:30:10 | 000,000,000 | ---D | C] -- C:\AdwCleaner
  [2013.11.17 08:42:32 | 000,112,128 | ---- | C] (forum.viry.cz) -- C:\Users\David\Desktop\FRSTLauncher.exe
  [2013.11.17 08:42:11 | 001,091,023 | ---- | C] (Farbar) -- C:\Users\David\Desktop\FRST.exe
  [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  [5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [1 C:\Windows\SoftwareDistribution\Download\5d7f15f2b764c278a7ffd0d37add0d96\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5d7f15f2b764c278a7ffd0d37add0d96\*.tmp -> ]
  [4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
  [2013.11.18 08:35:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
  [2013.11.17 16:09:00 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-493184601-2494964019-3008129617-1000Core.job
  [2013.11.18 09:09:00 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-493184601-2494964019-3008129617-1000UA.job
  [2013.11.18 02:48:26 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{AD178CE2-18A5-4B81-9E5B-050DC52D39CE}.job
  @Alternate Data Stream - 192 bytes -> C:\ProgramData\TEMP:8927A071
  
  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "NeroCheck"=-
  "WinampAgent"=-
  "SunJavaUpdateSched"=-
  "SweetIM"=-
  "SpywareTerminator"=-
  "TkBellExe"=-
  "facemoods"=-
  "AdobeAAMUpdater-1.0"=-
  "BCSSync"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "DAEMON Tools Lite"=-
  "RGSC"=-
  "Google Update"=-
  "PC Suite Tray"=-
  "TomTomHOME.exe"=-
  "ICQ"=-
  "Skype"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
  "FlashPlayerUpdate"=-
  
  :files
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

All processes killed
========== OTL ==========
Service systormflb stopped successfully!
Service systormflb deleted successfully!
File system32\DRIVERS\systormflb.sys not found.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File system32\DRIVERS\nwlnkfwd.sys not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File system32\DRIVERS\nwlnkflt.sys not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File system32\DRIVERS\ipinip.sys not found.
Service GMSIPCI stopped successfully!
Service GMSIPCI deleted successfully!
File D:\INSTALL\GMSIPCI.SYS not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys not found.
Error: No service named aa1rjml0 was found to stop!
Service\Driver key aa1rjml0 not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-493184601-2494964019-3008129617-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKU\S-1-5-21-493184601-2494964019-3008129617-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Prefs.js: DTToolbar@toolbarnet.com:1.0.0.5 removed from extensions.enabledItems
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icq-search.xml moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-19.xml moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-20.xml moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-21.xml moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-22.xml moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-23.xml moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-24.xml moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-25.xml moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-26.xml moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-27.xml moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-28.xml moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-29.xml moved successfully.
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins\icqplugin-30.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8082172b-bdeb-11dd-8947-0021855aba5b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8082172b-bdeb-11dd-8947-0021855aba5b}\ not found.
C:\Users\David\Desktop\VerzeOS.exe moved successfully.
C:\AdwCleaner\Quarantine\C\Windows\system32 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Windows folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\virus\AppData\Roaming\Mozilla\Firefox\Profiles\f2wdeegz.default\searchplugins folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\virus\AppData\Roaming\Mozilla\Firefox\Profiles\f2wdeegz.default\ICQToolbarData folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\virus\AppData\Roaming\Mozilla\Firefox\Profiles\f2wdeegz.default folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\virus\AppData\Roaming\Mozilla\Firefox\Profiles folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\virus\AppData\Roaming\Mozilla\Firefox folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\virus\AppData\Roaming\Mozilla folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\virus\AppData\Roaming folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\virus\AppData folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\virus folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\searchplugins folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\ICQToolbarData folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\search_engine folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\META-INF folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\defaults\preferences folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\defaults folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\components folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\skin folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\tr folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\sk folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\ru folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\it folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\he folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\fr folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\es folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\en-US folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\de folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\cs folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\bg folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\content\img folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\content folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07} folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\ffxtlbr@Facemoods.com\defaults\preferences folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\ffxtlbr@Facemoods.com\defaults folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\ffxtlbr@Facemoods.com\content\preferences folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\ffxtlbr@Facemoods.com\content\images folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\ffxtlbr@Facemoods.com\content folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\ffxtlbr@Facemoods.com\components folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions\ffxtlbr@Facemoods.com folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default\Extensions folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\WinampToolbarData\install folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\WinampToolbarData folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\searchplugins folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\ICQToolbarData folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\components folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847} folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\search_engine folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\META-INF folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\defaults\preferences folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\defaults folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\components folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\skin folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\tr folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\sk folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\ru folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\it folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\he folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\fr folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\es folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\en-US folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\de folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\cs folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\bg folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\content\img folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\content folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07} folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{0B38152B-1B20-484D-A11F-5E04A9B0661F}\META-INF folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{0B38152B-1B20-484D-A11F-5E04A9B0661F}\components folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{0B38152B-1B20-484D-A11F-5E04A9B0661F}\chrome folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{0B38152B-1B20-484D-A11F-5E04A9B0661F} folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\searchplugin folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\META-INF folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\lib folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\defaults folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\components folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\chrome folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7} folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\Extensions folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\CT2233703\weather folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\CT2233703\radio\Skins folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\CT2233703\radio folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\CT2233703\emailnotifier folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\CT2233703\communities folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default\CT2233703 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\searchplugins folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\ICQToolbarData folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\search_engine folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\META-INF folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\defaults\preferences folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\defaults folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\components folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\skin folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\tr folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\sk folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\ru folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\it folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\he folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\fr folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\es folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\en-US folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\de folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\cs folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale\bg folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\locale folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\content\img folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome\content folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07} folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default\Extensions folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla\Firefox folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Mozilla folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\LocalLow\4shared.com\RadioPlayer\Skins folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\LocalLow\4shared.com\RadioPlayer folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\LocalLow\4shared.com\EmailNotifier folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\LocalLow\4shared.com\CacheIcons folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\LocalLow\4shared.com folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData\LocalLow folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David\AppData folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users\David folder moved successfully.
C:\AdwCleaner\Quarantine\C\Users folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\BitLord folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\ICQ\ICQToolbar\XML\TR folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\ICQ\ICQToolbar\XML\SK folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\ICQ\ICQToolbar\XML\RU folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\ICQ\ICQToolbar\XML\IT folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\ICQ\ICQToolbar\XML\HE folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\ICQ\ICQToolbar\XML\FR folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\ICQ\ICQToolbar\XML\ES folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\ICQ\ICQToolbar\XML\EN folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\ICQ\ICQToolbar\XML\DE folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\ICQ\ICQToolbar\XML\BG folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\ICQ\ICQToolbar\XML folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\ICQ\ICQToolbar folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\ICQ folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Mozilla Firefox\searchplugins folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\search_engine folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\META-INF folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\defaults\preferences folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\defaults folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\components folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}\chrome folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07} folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Mozilla Firefox\Extensions folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Mozilla Firefox\Components folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\Mozilla Firefox folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\rules folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\lang folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\UDO - Mission No. X 2005 (320k) Heavy Metal folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Top 1000 Classic Rock Songs of the Millennium folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Iron Maiden - The Number Of The Beast (1982) {Original} [EAC - Lame V0] folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Filmfix.se folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [2002] Hot and slow folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [2001] A Tribute To Accept Vol.2 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [2000] Bestseller folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1999] A Tribute To Accept Vol.1 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1998] The Final Chapter folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1997] Predator folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1997] All areas\CD 2 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1997] All areas\CD 1 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1997] All areas folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1995] No substitutes folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1995] Hungry Years folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1995] Deth Row folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1993] Objection Overruled folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1990] Staying a life folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1989] Eat The Heat folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1986] Russian Roulette\Cover folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1986] Russian Roulette folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1985] Metal Heart\Cover folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1985] Metal Heart folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1985] Kaizoku-ban folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1984] Balls To The Wall folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1983] Restless and Wild\Cover folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1983] Restless and Wild folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1981] Breaker\Cover folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1981] Breaker folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1980] I'm A Rebel folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept [1979] Accept folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album\Accept - Best Of AccePt folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads\Accept - 22 Album folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord\Downloads folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\BitLord folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\4shared.com folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files folder moved successfully.
C:\AdwCleaner\Quarantine\C folder moved successfully.
C:\AdwCleaner\Quarantine folder moved successfully.
C:\AdwCleaner\Backup\C\Users\virus\AppData\Roaming\Mozilla\Firefox\Profiles\f2wdeegz.default folder moved successfully.
C:\AdwCleaner\Backup\C\Users\virus\AppData\Roaming\Mozilla\Firefox\Profiles folder moved successfully.
C:\AdwCleaner\Backup\C\Users\virus\AppData\Roaming\Mozilla\Firefox folder moved successfully.
C:\AdwCleaner\Backup\C\Users\virus\AppData\Roaming\Mozilla folder moved successfully.
C:\AdwCleaner\Backup\C\Users\virus\AppData\Roaming folder moved successfully.
C:\AdwCleaner\Backup\C\Users\virus\AppData folder moved successfully.
C:\AdwCleaner\Backup\C\Users\virus folder moved successfully.
C:\AdwCleaner\Backup\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vg0ij12q.default folder moved successfully.
C:\AdwCleaner\Backup\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fhu0gpyh.default folder moved successfully.
C:\AdwCleaner\Backup\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3n5xyjcl.default folder moved successfully.
C:\AdwCleaner\Backup\C\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles folder moved successfully.
C:\AdwCleaner\Backup\C\Users\David\AppData\Roaming\Mozilla\Firefox folder moved successfully.
C:\AdwCleaner\Backup\C\Users\David\AppData\Roaming\Mozilla folder moved successfully.
C:\AdwCleaner\Backup\C\Users\David\AppData\Roaming folder moved successfully.
C:\AdwCleaner\Backup\C\Users\David\AppData folder moved successfully.
C:\AdwCleaner\Backup\C\Users\David folder moved successfully.
C:\AdwCleaner\Backup\C\Users folder moved successfully.
C:\AdwCleaner\Backup\C folder moved successfully.
C:\AdwCleaner\Backup folder moved successfully.
C:\AdwCleaner folder moved successfully.
C:\Users\David\Desktop\FRSTLauncher.exe moved successfully.
C:\Users\David\Desktop\FRST.exe moved successfully.
C:\Windows\85EBB28365AF4C539EBE7C0A232762F7.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\85EBB28365AF4C539EBE7C0A232762F7.TMP folder deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5CA0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6122.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAD9C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD078.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPED1C.tmp folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\5d7f15f2b764c278a7ffd0d37add0d96\$dpx$.tmp\job.xml deleted successfully.
C:\Windows\SoftwareDistribution\Download\5d7f15f2b764c278a7ffd0d37add0d96\$dpx$.tmp folder deleted successfully.
C:\Windows\System32\tmp3378.tmp deleted successfully.
C:\Windows\System32\tmp3379.tmp deleted successfully.
C:\Windows\System32\tmp8F60.tmp deleted successfully.
C:\Windows\System32\tmp8F61.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-493184601-2494964019-3008129617-1000Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-493184601-2494964019-3008129617-1000UA.job moved successfully.
C:\Windows\Tasks\User_Feed_Synchronization-{AD178CE2-18A5-4B81-9E5B-050DC52D39CE}.job moved successfully.
ADS C:\ProgramData\TEMP:8927A071 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminator not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\facemoods not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\RGSC deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PC Suite Tray deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\TomTomHOME.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate not found.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: David
->Temp folder emptied: 307020886 bytes
->Temporary Internet Files folder emptied: 1704162 bytes
->Java cache emptied: 60667003 bytes
->FireFox cache emptied: 568575192 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 17455 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: virus
->Temp folder emptied: 243712 bytes
->Temporary Internet Files folder emptied: 173326 bytes
->Java cache emptied: 6703 bytes
->FireFox cache emptied: 27376311 bytes
->Flash cache emptied: 699 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9772 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 1481389484 bytes

Total Files Cleaned = 2 334,00 mb


[EMPTYFLASH]

User: All Users

User: David
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: virus
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: David
->Java cache emptied: 0 bytes

User: Default

User: Default User

User: Public

User: virus
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11202013_090054

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Jak se chova PC