Ahoj
Vir "Váš počítač je zablokován" mi zablokoval PC.Počítač šel najet jen v nouzovém režimu.Postupoval jsem podle návodu z těchto
stránek: V nouzovém režimu jsem PC vyčistil rogramy Adwcleaner a RogueKiller.
Potom šel už počítač normálně spustit. Ještě jsem použil program Spybot S and D 2.
Prosím o kontrolu logu a dočištění PC.
Děkuji.
1.část logu:
Logfile of random's system information tool 1.09 (written by random/random)
Run by AMD-Vision at 2013-04-10 18:30:28
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 20 GB (17%) free of 120 GB
Total RAM: 7658 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:30:34, on 10.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Program Files\trend micro\AMD-Vision.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 180.250.130.186:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Certified Toolbar - {0de094f5-e894-48c7-b16f-338d64674721} - C:\Users\AMD-Vision\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll (file missing)
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\AMD-Vision\AppData\Roaming\Complitly\Complitly.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: continuetosave - {99D9A734-954F-8613-F84D-6EE9DDB6A7BA} - C:\ProgramData\continuetosave\5115846e89d2e.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: Certified Toolbar - {0de094f5-e894-48c7-b16f-338d64674721} - C:\Users\AMD-Vision\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll (file missing)
O3 - Toolbar: MyPlayCity Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Nero MediaHome 4] "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingE2440] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search\Protected Search Settings.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingE1179] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingE7774] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\mgcommon.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingE3030] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingE7830] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingE4436] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\mgxml_wrapper.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingE6619] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingE9937] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingE6347] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe"
O4 - HKCU\..\Run: [Nero MediaHome 4] "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\RunOnce: [SpybotDeletingF5853] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\Protected Search\InstallHelper.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF960] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\Protected Search\Interop.IWshRuntimeLibrary.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF4699] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\Protected Search\ProtectedSearch.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF590] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\Protected Search\ProtectedSearch.ico"
O4 - HKCU\..\RunOnce: [SpybotDeletingF6905] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\Protected Search\ProtectedSearchSettings.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9449] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\Protected Search\STInst64.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF1720] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\Protected Search\System.Data.SQLite.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9203] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\Protected Search\TaskScheduler.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3125] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\Protected Search\TaskSchedulerCreator.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5659] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\Protected Search\unins000.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF8912] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\Protected Search\UnProtect.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF8159] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\BetterSoft\ContinueToSave\1143840799.ini"
O4 - HKCU\..\RunOnce: [SpybotDeletingF6630] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\BetterSoft\ContinueToSave\ContinueToSave.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF1858] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\InstallMate\ContinueToSave\Setup.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF2426] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\InstallMate\ContinueToSave\Setup.ico"
O4 - HKCU\..\RunOnce: [SpybotDeletingF182] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\InstallMate\ContinueToSave\TsuDll.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF6671] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\InstallMate\ContinueToSave\_Setup.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9260] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\InstallMate\ContinueToSave\_Setupx.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9799] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\InstallMate\{05308B5A-C33A-46D0-A43B-8B18DED3A9AC}\Custom.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5139] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\InstallMate\{05308B5A-C33A-46D0-A43B-8B18DED3A9AC}\Setup.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5018] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\InstallMate\{05308B5A-C33A-46D0-A43B-8B18DED3A9AC}\Setup.ico"
O4 - HKCU\..\RunOnce: [SpybotDeletingF2006] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\InstallMate\{05308B5A-C33A-46D0-A43B-8B18DED3A9AC}\TsuDll.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF2022] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\InstallMate\{05308B5A-C33A-46D0-A43B-8B18DED3A9AC}\_Setup.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF7110] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF485] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3793] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9570] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5179] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF1126] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3049] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5373] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3848] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9125] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js"
O4 - HKCU\..\RunOnce: [SpybotDeletingF1055] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF6005] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mglogger.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF6573] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF2740] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5057] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5891] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3913] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF8429] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5968] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5158] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgYahooAuto.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF8578] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF718] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF6225] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF6656] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3574] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF1271] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js"
O4 - HKCU\..\RunOnce: [SpybotDeletingF7704] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3654] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3047] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF179] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js"
O4 - HKCU\..\RunOnce: [SpybotDeletingF2549] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js"
O4 - HKCU\..\RunOnce: [SpybotDeletingF8362] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF1230] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF6804] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF8589] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF6814] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF1872] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5397] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5630] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF8762] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9271] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF8510] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF4230] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9836] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF6712] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF549] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5430] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js"
O4 - HKCU\..\RunOnce: [SpybotDeletingF4564] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5063] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF7541] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF6994] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5304] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF8662] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9433] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9660] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF4383] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF4452] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF1555] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9149] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest"
O4 - HKCU\..\RunOnce: [SpybotDeletingF8339] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF6255] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF7480] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3292] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5249] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\mgcommon.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF1127] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3668] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3974] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Windows\Installer\{FB697452-8CA4-46B4-98B1-165C922A2EF3}\ARPPRODUCTICON.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF4860] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest"
O4 - HKCU\..\RunOnce: [SpybotDeletingF1667] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\Microsoft.VC90.CRT\msvcm90.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF4313] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\Microsoft.VC90.CRT\msvcp90.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF2679] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\Microsoft.VC90.CRT\msvcr90.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9158] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\resources\sqlite\mgSqlite3.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF2187] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF2955] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5033] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF4006] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF7420] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF1939] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3860] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9794] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9810] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF8488] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgICQAuto.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF7780] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF81] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mglogger.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF4095] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF1749] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF2576] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9452] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF1969] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF4333] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF6378] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF8203] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgYahooAuto.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9372] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3990] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF1742] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5684] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF174] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF2764] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF132] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5797] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9913] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9214] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF4879] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3396] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF7305] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF2855] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF1487] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF7802] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3900] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3966] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3737] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF275] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js"
O4 - HKCU\..\RunOnce: [SpybotDeletingF2149] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js"
O4 - HKCU\..\RunOnce: [SpybotDeletingF3141] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search\Protected Search Settings.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingF1854] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF8008] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\mgcommon.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5255] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF2069] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF6044] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\mgxml_wrapper.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingF5658] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF6160] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingF9951] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4150456642-3383372601-3730963037-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NeroMediaHomeUser.4')
O4 - HKUS\S-1-5-21-4150456642-3383372601-3730963037-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NeroMediaHomeUser.4')
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - (no file)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {a9ff5a45-b433-4940-9299-de737a9c11f6} - C:\Users\AMD-Vision\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll (file missing)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - AppInit_DLLs: c:\progra~2\contin~1\sprote~1.dll c:\progra~2\simple~1\sprote~1.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero MediaHome 4 Service (NeroMediaHomeService.4) - Nero AG - C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 40721 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\BlueStacks\HD-Agent.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2580.13352b00.1519213930 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 2580 "\\.\pipe\gecko-crash-server-pipe.2580" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --proxy-stub-channel=Flash2144.679363D8.1492 --host-broker-channel=Flash2144.679363D8.28644 --host-pid=2144 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --channel=2864.0031F448.1396839333 --proxy-stub-channel=Flash2144.679363D8.1492 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" --host-npapi-version=27 --type=renderer
taskeng.exe {EF2EA53F-4E4F-4EB2-BAC6-40C571A85802}
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" /autoupdate /silent /autoclose
"C:\Windows\system32\wuauclt.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"D:\Users\AMD-Vision\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\schedule!1143840799.job
=========Mozilla firefox=========
ProfilePath - C:\Users\AMD-Vision\AppData\Roaming\Mozilla\Firefox\Profiles\tobv71r9.default-1349848874682
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "keyword.URL" - "http://websearch.simplespeedy.info/?l=1&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
Web Search.xml
wikipedia-cz.xml
C:\Users\AMD-Vision\AppData\Roaming\Mozilla\Firefox\Profiles\tobv71r9.default-1349848874682\extensions\
5115846e89bab@5115846e89be4.com
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\AMD-Vision\AppData\Roaming\Complitly\64\Complitly64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-15 79240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0de094f5-e894-48c7-b16f-338d64674721}]
Certified Toolbar - C:\Users\AMD-Vision\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\AMD-Vision\AppData\Roaming\Complitly\Complitly.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-11 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99D9A734-954F-8613-F84D-6EE9DDB6A7BA}]
continuetosave - C:\ProgramData\continuetosave\5115846e89d2e.dll [2013-02-09 120832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
MyPlayCity Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-11 157672]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{0de094f5-e894-48c7-b16f-338d64674721} - Certified Toolbar - C:\Users\AMD-Vision\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll []
{D4027C7F-154A-4066-A1AD-4243D8127440} - MyPlayCity Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ASRockXTU"= []
"Nektra OEAPI"= []
"OEXPRESS"= []
"Nero MediaHome 4"=C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [2012-02-28 5178664]
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vir "Váš počítač je zablokován" - dočištění
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Vir "Váš počítač je zablokován" - dočištění
2.část logu:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingF5853"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF960"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF4699"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF590"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6905"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9449"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1720"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9203"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3125"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5659"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8912"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8159"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6630"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1858"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF2426"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF182"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6671"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9260"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9799"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5139"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5018"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF2006"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF2022"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF7110"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF485"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3793"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9570"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5179"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1126"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3049"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5373"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3848"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9125"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1055"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6005"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6573"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF2740"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5057"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5891"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3913"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8429"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5968"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5158"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8578"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF718"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6225"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6656"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3574"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1271"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF7704"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3654"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3047"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF179"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF2549"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8362"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1230"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6804"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8589"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6814"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1872"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5397"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5630"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8762"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9271"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8510"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF4230"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9836"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6712"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF549"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5430"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF4564"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5063"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF7541"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6994"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5304"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8662"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9433"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9660"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF4383"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF4452"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1555"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9149"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8339"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6255"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF7480"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3292"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5249"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1127"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3668"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3974"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF4860"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1667"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF4313"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF2679"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9158"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF2187"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF2955"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5033"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF4006"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF7420"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe [2012-03-06 574296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2013-02-28 102400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz\szninstall.exe [2012-09-13 1009288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2012-11-12 91704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Plex Media Server]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2012-04-18 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator]
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XFastUsb]
C:\Program Files (x86)\XFastUsb\XFastUsb.exe [2012-08-15 4942336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk]
C:\PROGRA~2\ArcSoft\TOTALM~1.5\TMMONI~1.EXE [2009-06-26 258048]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2011-06-20 5199984]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-07-28 336384]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Nero MediaHome 4"=C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [2012-02-28 5178664]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2013-02-15 601976]
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2011-05-17 395144]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingE2440"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingE1179"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingE7774"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingE3030"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingE7830"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingE4436"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingE6619"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingE9937"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingE6347"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"VIDC.LAGS"=lagarith.dll
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-04-10 17:41:04 ----A---- C:\Windows\wininit.ini
2013-04-10 17:08:28 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-04-10 17:08:22 ----A---- C:\Windows\system32\sdnclean64.exe
2013-04-10 17:08:17 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-04-10 12:36:59 ----D---- C:\Program Files\trend micro
2013-04-10 12:36:58 ----D---- C:\rsit
2013-04-10 12:22:48 ----D---- C:\Users\AMD-Vision\AppData\Roaming\Malwarebytes
2013-04-10 12:22:34 ----D---- C:\ProgramData\Malwarebytes
2013-04-10 12:22:33 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-10 12:22:33 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-04-09 23:57:07 ----A---- C:\AdwCleaner[S1].txt
2013-04-08 11:02:03 ----D---- C:\Program Files (x86)\Activision
2013-04-05 05:31:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-04-05 05:31:21 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-04-05 05:31:21 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-04-05 05:31:21 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-04-05 05:31:21 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-04-05 05:31:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-04-05 05:31:21 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-04-05 05:31:21 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-04-05 05:31:21 ----A---- C:\Windows\system32\elshyph.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-04-05 05:31:18 ----A---- C:\Windows\SYSWOW64\url.dll
2013-04-05 05:31:18 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-04-05 05:31:18 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-04-05 05:31:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-04-05 05:31:18 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-04-05 05:31:18 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-04-05 05:31:18 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-04-05 05:31:18 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-04-05 05:31:18 ----A---- C:\Windows\system32\iertutil.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\wininet.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\webcheck.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\urlmon.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\url.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\msrating.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\msls31.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\licmgr10.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\inseng.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\iesetup.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\iernonce.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\iedkcs32.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\ieapfltr.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\ieapfltr.dat
2013-04-05 05:31:17 ----A---- C:\Windows\system32\ie4uinit.exe
2013-04-05 05:31:17 ----A---- C:\Windows\system32\icardie.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\dxtrans.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\dxtmsft.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\wextract.exe
2013-04-05 05:31:16 ----A---- C:\Windows\system32\vbscript.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-04-05 05:31:16 ----A---- C:\Windows\system32\pngfilt.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\occache.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\mshtmler.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\mshtml.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\mshta.exe
2013-04-05 05:31:16 ----A---- C:\Windows\system32\msfeedssync.exe
2013-04-05 05:31:16 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\jscript9.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\jscript.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\imgutil.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\iexpress.exe
2013-04-05 05:31:16 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-05 05:31:16 ----A---- C:\Windows\system32\iepeers.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-04-05 05:31:15 ----A---- C:\Windows\system32\ieui.dll
2013-04-05 05:31:15 ----A---- C:\Windows\system32\iesysprep.dll
2013-04-05 05:31:15 ----A---- C:\Windows\system32\ieframe.dll
2013-03-23 11:48:33 ----D---- C:\Program Files (x86)\Ask.com
2013-03-23 11:48:13 ----D---- C:\Program Files (x86)\MyPlayCity.com
2013-03-20 21:53:34 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-18 23:17:04 ----D---- C:\Users\AMD-Vision\AppData\Roaming\Opera
2013-03-18 23:16:56 ----D---- C:\Program Files (x86)\Opera
2013-03-18 15:54:28 ----D---- C:\Users\AMD-Vision\AppData\Roaming\Tor
2013-03-17 02:54:38 ----D---- C:\Program Files (x86)\BlueStacks
2013-03-17 02:54:00 ----D---- C:\ProgramData\BlueStacksSetup
2013-03-17 02:54:00 ----D---- C:\ProgramData\BlueStacks
======List of files/folders modified in the last 1 month======
2013-04-10 18:26:13 ----D---- C:\Windows\Prefetch
2013-04-10 18:11:23 ----D---- C:\Windows\inf
2013-04-10 18:11:23 ----AD---- C:\Windows\System32
2013-04-10 18:11:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-10 17:56:42 ----D---- C:\Windows\Temp
2013-04-10 17:41:05 ----SHD---- C:\Windows\Installer
2013-04-10 17:41:05 ----RD---- C:\Program Files (x86)
2013-04-10 17:41:05 ----HD---- C:\ProgramData
2013-04-10 17:41:05 ----D---- C:\Windows
2013-04-10 17:22:40 ----D---- C:\Windows\system32\config
2013-04-10 17:12:37 ----D---- C:\Windows\system32\catroot2
2013-04-10 17:12:37 ----D---- C:\Windows\system32\catroot
2013-04-10 17:12:31 ----D---- C:\Windows\winsxs
2013-04-10 17:08:29 ----D---- C:\Windows\system32\Tasks
2013-04-10 17:08:27 ----SD---- C:\ProgramData\Microsoft
2013-04-10 16:48:51 ----D---- C:\Windows\system32\NDF
2013-04-10 16:42:59 ----D---- C:\ProgramData\continuetosave
2013-04-10 12:36:59 ----RD---- C:\Program Files
2013-04-10 12:22:33 ----AD---- C:\Windows\system32\drivers
2013-04-10 12:17:41 ----SHD---- C:\System Volume Information
2013-04-10 12:05:49 ----D---- C:\Windows\Tasks
2013-04-10 12:05:49 ----D---- C:\Windows\system32\wfp
2013-04-10 12:05:44 ----D---- C:\Windows\system32\wbem
2013-04-10 12:05:04 ----D---- C:\Windows\system32\DriverStore
2013-04-10 12:05:04 ----D---- C:\Windows\system32\drivers\etc
2013-04-10 12:05:04 ----D---- C:\Program Files (x86)\Windows Mail
2013-04-10 12:05:03 ----D---- C:\Windows\system32\CodeIntegrity
2013-04-10 12:05:02 ----D---- C:\Windows\AppCompat
2013-04-10 12:05:01 ----D---- C:\Users\AMD-Vision\AppData\Roaming\GHISLER
2013-04-10 12:05:00 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-04-10 12:05:00 ----D---- C:\ProgramData\Big Fish Games
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\Pro Evolution Soccer 2013
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\PowerArchiver
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\LSHunter.TV
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\Jet Set Go
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\Jack of All Tribes
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\Electronic Arts
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\Cooking Academy 3 - Recipe for Success
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\ContinueToSave
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\Campgrounds
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\bfgclient
2013-04-10 12:04:58 ----D---- C:\Hry
2013-04-10 12:04:58 ----D---- C:\BigFishGamesCache
2013-04-10 12:04:57 ----D---- C:\Windows\registration
2013-04-10 12:04:53 ----RSD---- C:\Windows\assembly
2013-04-10 00:21:05 ----D---- C:\Users\AMD-Vision\AppData\Roaming\Media Player Classic
2013-04-10 00:20:51 ----D---- C:\Windows\Panther
2013-04-10 00:20:50 ----D---- C:\Windows\Logs
2013-04-07 13:09:02 ----D---- C:\Windows\rescache
2013-04-07 10:06:32 ----D---- C:\Users\AMD-Vision\AppData\Roaming\uTorrent
2013-04-05 15:57:49 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-05 15:57:48 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-04-05 15:57:48 ----D---- C:\Windows\system32\cs-CZ
2013-04-05 15:57:48 ----D---- C:\Program Files\Internet Explorer
2013-04-05 15:57:47 ----D---- C:\Windows\SYSWOW64\migration
2013-04-05 15:57:46 ----D---- C:\Windows\SYSWOW64\en-US
2013-04-05 15:57:46 ----AD---- C:\Windows\SysWOW64
2013-04-05 15:57:45 ----D---- C:\Windows\system32\migration
2013-04-05 15:57:45 ----D---- C:\Windows\system32\en-US
2013-04-05 15:57:45 ----D---- C:\Windows\PolicyDefinitions
2013-04-04 20:53:23 ----D---- C:\Program Files\CCleaner
2013-04-04 20:52:17 ----D---- C:\Users\AMD-Vision\AppData\Roaming\Winamp
2013-04-04 20:52:12 ----D---- C:\Windows\Minidump
2013-04-04 08:09:26 ----D---- C:\Users\AMD-Vision\AppData\Roaming\DAEMON Tools Lite
2013-04-02 12:34:28 ----N---- C:\Windows\system32\MpSigStub.exe
2013-03-22 17:51:15 ----D---- C:\Program Files (x86)\Google
2013-03-19 15:25:37 ----AD---- C:\ProgramData\Temp
2013-03-17 11:36:05 ----D---- C:\Windows\Microsoft.NET
2013-03-14 17:18:39 ----D---- C:\Windows\debug
2013-03-14 07:40:24 ----D---- C:\Windows\AppPatch
2013-03-14 07:40:18 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 07:40:17 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-14 00:54:12 ----A---- C:\Windows\system32\MRT.exe
2013-03-13 23:43:56 ----D---- C:\Windows\system32\wdi
2013-03-13 02:08:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2011-04-15 79488]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2011-04-15 40064]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsrAppCharger;AsrAppCharger; C:\Windows\system32\DRIVERS\AsrAppCharger.sys [2011-05-10 17192]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-15 283200]
R1 FNETURPX;FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [2012-08-15 15936]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-02-15 71032]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2011-03-18 87168]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-29 9980416]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-07-28 309248]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2011-03-18 188544]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-06-07 231440]
R3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2012-08-15 165504]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-04-21 471144]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-06-14 2159728]
R3 VMfilt;VMfilt; C:\Windows\system32\drivers\VMfilt64.sys [2009-07-31 25600]
S3 FNETTBOH_305;FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [2012-08-15 31808]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2007-09-17 29184]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2009-08-03 16392]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;tsusbhub; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-03-14 913752]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-07-28 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-02-15 384888]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 NeroMediaHomeService.4;Nero MediaHome 4 Service; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [2012-02-28 517416]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-06-14 27760]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-02-15 393080]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-22 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-22 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-15 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingF5853"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF960"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF4699"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF590"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6905"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9449"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1720"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9203"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3125"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5659"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8912"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8159"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6630"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1858"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF2426"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF182"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6671"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9260"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9799"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5139"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5018"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF2006"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF2022"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF7110"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF485"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3793"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9570"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5179"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1126"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3049"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5373"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3848"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9125"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1055"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6005"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6573"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF2740"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5057"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5891"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3913"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8429"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5968"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5158"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8578"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF718"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6225"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6656"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3574"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1271"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF7704"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3654"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3047"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF179"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF2549"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8362"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1230"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6804"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8589"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6814"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1872"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5397"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5630"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8762"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9271"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8510"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF4230"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9836"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6712"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF549"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5430"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF4564"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5063"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF7541"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6994"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5304"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8662"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9433"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9660"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF4383"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF4452"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1555"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9149"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF8339"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF6255"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF7480"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3292"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5249"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1127"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3668"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF3974"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF4860"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF1667"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF4313"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF2679"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF9158"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF2187"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF2955"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF5033"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF4006"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingF7420"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe [2012-03-06 574296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2013-02-28 102400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz\szninstall.exe [2012-09-13 1009288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2012-11-12 91704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Plex Media Server]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2012-04-18 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator]
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XFastUsb]
C:\Program Files (x86)\XFastUsb\XFastUsb.exe [2012-08-15 4942336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk]
C:\PROGRA~2\ArcSoft\TOTALM~1.5\TMMONI~1.EXE [2009-06-26 258048]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2011-06-20 5199984]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-07-28 336384]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Nero MediaHome 4"=C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [2012-02-28 5178664]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2013-02-15 601976]
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2011-05-17 395144]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingE2440"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingE1179"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingE7774"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingE3030"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingE7830"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingE4436"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingE6619"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingE9937"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
"SpybotDeletingE6347"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe [2012-11-13 2710040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"VIDC.LAGS"=lagarith.dll
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-04-10 17:41:04 ----A---- C:\Windows\wininit.ini
2013-04-10 17:08:28 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-04-10 17:08:22 ----A---- C:\Windows\system32\sdnclean64.exe
2013-04-10 17:08:17 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-04-10 12:36:59 ----D---- C:\Program Files\trend micro
2013-04-10 12:36:58 ----D---- C:\rsit
2013-04-10 12:22:48 ----D---- C:\Users\AMD-Vision\AppData\Roaming\Malwarebytes
2013-04-10 12:22:34 ----D---- C:\ProgramData\Malwarebytes
2013-04-10 12:22:33 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-10 12:22:33 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-04-09 23:57:07 ----A---- C:\AdwCleaner[S1].txt
2013-04-08 11:02:03 ----D---- C:\Program Files (x86)\Activision
2013-04-05 05:31:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-04-05 05:31:21 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-04-05 05:31:21 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-04-05 05:31:21 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-04-05 05:31:21 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-04-05 05:31:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-04-05 05:31:21 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-04-05 05:31:21 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-04-05 05:31:21 ----A---- C:\Windows\system32\elshyph.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-04-05 05:31:20 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-04-05 05:31:19 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-04-05 05:31:18 ----A---- C:\Windows\SYSWOW64\url.dll
2013-04-05 05:31:18 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-04-05 05:31:18 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-04-05 05:31:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-04-05 05:31:18 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-04-05 05:31:18 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-04-05 05:31:18 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-04-05 05:31:18 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-04-05 05:31:18 ----A---- C:\Windows\system32\iertutil.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\wininet.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\webcheck.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\urlmon.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\url.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\msrating.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\msls31.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\licmgr10.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\inseng.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\iesetup.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\iernonce.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\iedkcs32.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\ieapfltr.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\ieapfltr.dat
2013-04-05 05:31:17 ----A---- C:\Windows\system32\ie4uinit.exe
2013-04-05 05:31:17 ----A---- C:\Windows\system32\icardie.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\dxtrans.dll
2013-04-05 05:31:17 ----A---- C:\Windows\system32\dxtmsft.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\wextract.exe
2013-04-05 05:31:16 ----A---- C:\Windows\system32\vbscript.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-04-05 05:31:16 ----A---- C:\Windows\system32\pngfilt.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\occache.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\mshtmler.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\mshtml.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\mshta.exe
2013-04-05 05:31:16 ----A---- C:\Windows\system32\msfeedssync.exe
2013-04-05 05:31:16 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\jscript9.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\jscript.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\imgutil.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\iexpress.exe
2013-04-05 05:31:16 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-05 05:31:16 ----A---- C:\Windows\system32\iepeers.dll
2013-04-05 05:31:16 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-04-05 05:31:15 ----A---- C:\Windows\system32\ieui.dll
2013-04-05 05:31:15 ----A---- C:\Windows\system32\iesysprep.dll
2013-04-05 05:31:15 ----A---- C:\Windows\system32\ieframe.dll
2013-03-23 11:48:33 ----D---- C:\Program Files (x86)\Ask.com
2013-03-23 11:48:13 ----D---- C:\Program Files (x86)\MyPlayCity.com
2013-03-20 21:53:34 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-18 23:17:04 ----D---- C:\Users\AMD-Vision\AppData\Roaming\Opera
2013-03-18 23:16:56 ----D---- C:\Program Files (x86)\Opera
2013-03-18 15:54:28 ----D---- C:\Users\AMD-Vision\AppData\Roaming\Tor
2013-03-17 02:54:38 ----D---- C:\Program Files (x86)\BlueStacks
2013-03-17 02:54:00 ----D---- C:\ProgramData\BlueStacksSetup
2013-03-17 02:54:00 ----D---- C:\ProgramData\BlueStacks
======List of files/folders modified in the last 1 month======
2013-04-10 18:26:13 ----D---- C:\Windows\Prefetch
2013-04-10 18:11:23 ----D---- C:\Windows\inf
2013-04-10 18:11:23 ----AD---- C:\Windows\System32
2013-04-10 18:11:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-10 17:56:42 ----D---- C:\Windows\Temp
2013-04-10 17:41:05 ----SHD---- C:\Windows\Installer
2013-04-10 17:41:05 ----RD---- C:\Program Files (x86)
2013-04-10 17:41:05 ----HD---- C:\ProgramData
2013-04-10 17:41:05 ----D---- C:\Windows
2013-04-10 17:22:40 ----D---- C:\Windows\system32\config
2013-04-10 17:12:37 ----D---- C:\Windows\system32\catroot2
2013-04-10 17:12:37 ----D---- C:\Windows\system32\catroot
2013-04-10 17:12:31 ----D---- C:\Windows\winsxs
2013-04-10 17:08:29 ----D---- C:\Windows\system32\Tasks
2013-04-10 17:08:27 ----SD---- C:\ProgramData\Microsoft
2013-04-10 16:48:51 ----D---- C:\Windows\system32\NDF
2013-04-10 16:42:59 ----D---- C:\ProgramData\continuetosave
2013-04-10 12:36:59 ----RD---- C:\Program Files
2013-04-10 12:22:33 ----AD---- C:\Windows\system32\drivers
2013-04-10 12:17:41 ----SHD---- C:\System Volume Information
2013-04-10 12:05:49 ----D---- C:\Windows\Tasks
2013-04-10 12:05:49 ----D---- C:\Windows\system32\wfp
2013-04-10 12:05:44 ----D---- C:\Windows\system32\wbem
2013-04-10 12:05:04 ----D---- C:\Windows\system32\DriverStore
2013-04-10 12:05:04 ----D---- C:\Windows\system32\drivers\etc
2013-04-10 12:05:04 ----D---- C:\Program Files (x86)\Windows Mail
2013-04-10 12:05:03 ----D---- C:\Windows\system32\CodeIntegrity
2013-04-10 12:05:02 ----D---- C:\Windows\AppCompat
2013-04-10 12:05:01 ----D---- C:\Users\AMD-Vision\AppData\Roaming\GHISLER
2013-04-10 12:05:00 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-04-10 12:05:00 ----D---- C:\ProgramData\Big Fish Games
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\Pro Evolution Soccer 2013
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\PowerArchiver
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\LSHunter.TV
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\Jet Set Go
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\Jack of All Tribes
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\Electronic Arts
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\Cooking Academy 3 - Recipe for Success
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\ContinueToSave
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\Campgrounds
2013-04-10 12:04:59 ----D---- C:\Program Files (x86)\bfgclient
2013-04-10 12:04:58 ----D---- C:\Hry
2013-04-10 12:04:58 ----D---- C:\BigFishGamesCache
2013-04-10 12:04:57 ----D---- C:\Windows\registration
2013-04-10 12:04:53 ----RSD---- C:\Windows\assembly
2013-04-10 00:21:05 ----D---- C:\Users\AMD-Vision\AppData\Roaming\Media Player Classic
2013-04-10 00:20:51 ----D---- C:\Windows\Panther
2013-04-10 00:20:50 ----D---- C:\Windows\Logs
2013-04-07 13:09:02 ----D---- C:\Windows\rescache
2013-04-07 10:06:32 ----D---- C:\Users\AMD-Vision\AppData\Roaming\uTorrent
2013-04-05 15:57:49 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-05 15:57:48 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-04-05 15:57:48 ----D---- C:\Windows\system32\cs-CZ
2013-04-05 15:57:48 ----D---- C:\Program Files\Internet Explorer
2013-04-05 15:57:47 ----D---- C:\Windows\SYSWOW64\migration
2013-04-05 15:57:46 ----D---- C:\Windows\SYSWOW64\en-US
2013-04-05 15:57:46 ----AD---- C:\Windows\SysWOW64
2013-04-05 15:57:45 ----D---- C:\Windows\system32\migration
2013-04-05 15:57:45 ----D---- C:\Windows\system32\en-US
2013-04-05 15:57:45 ----D---- C:\Windows\PolicyDefinitions
2013-04-04 20:53:23 ----D---- C:\Program Files\CCleaner
2013-04-04 20:52:17 ----D---- C:\Users\AMD-Vision\AppData\Roaming\Winamp
2013-04-04 20:52:12 ----D---- C:\Windows\Minidump
2013-04-04 08:09:26 ----D---- C:\Users\AMD-Vision\AppData\Roaming\DAEMON Tools Lite
2013-04-02 12:34:28 ----N---- C:\Windows\system32\MpSigStub.exe
2013-03-22 17:51:15 ----D---- C:\Program Files (x86)\Google
2013-03-19 15:25:37 ----AD---- C:\ProgramData\Temp
2013-03-17 11:36:05 ----D---- C:\Windows\Microsoft.NET
2013-03-14 17:18:39 ----D---- C:\Windows\debug
2013-03-14 07:40:24 ----D---- C:\Windows\AppPatch
2013-03-14 07:40:18 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 07:40:17 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-14 00:54:12 ----A---- C:\Windows\system32\MRT.exe
2013-03-13 23:43:56 ----D---- C:\Windows\system32\wdi
2013-03-13 02:08:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2011-04-15 79488]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2011-04-15 40064]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsrAppCharger;AsrAppCharger; C:\Windows\system32\DRIVERS\AsrAppCharger.sys [2011-05-10 17192]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-15 283200]
R1 FNETURPX;FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [2012-08-15 15936]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-02-15 71032]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2011-03-18 87168]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-29 9980416]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-07-28 309248]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2011-03-18 188544]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-06-07 231440]
R3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2012-08-15 165504]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-04-21 471144]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-06-14 2159728]
R3 VMfilt;VMfilt; C:\Windows\system32\drivers\VMfilt64.sys [2009-07-31 25600]
S3 FNETTBOH_305;FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [2012-08-15 31808]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2007-09-17 29184]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2009-08-03 16392]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;tsusbhub; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-03-14 913752]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-07-28 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-02-15 384888]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 NeroMediaHomeService.4;Nero MediaHome 4 Service; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [2012-02-28 517416]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-06-14 27760]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-02-15 393080]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-22 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-22 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-15 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
Re: Vir "Váš počítač je zablokován" - dočištění
Zdravim.
Kdyz uz jste si hral na doktora, spatne se to pak cisti 
Odinstalujte Spybota, program je zastaraly.
Odinstalujte Advanced SystemCare a pripdne vse od IObit. Dokaze to nadelat vic skody nez uzitku.
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Kdyz uz jste si hral na doktora, spatne se to pak cisti Odinstalujte Spybota, program je zastaraly. Odinstalujte Advanced SystemCare a pripdne vse od IObit. Dokaze to nadelat vic skody nez uzitku. Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Vir "Váš počítač je zablokován" - dočištění
Provedeno.Logy přikládám.
1.část
OTL logfile created on: 11.4.2013 9:05:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Users\AMD-Vision\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,48 Gb Total Physical Memory | 5,46 Gb Available Physical Memory | 73,07% Memory free
15,48 Gb Paging File | 13,33 Gb Available in Paging File | 86,12% Paging File free
Paging file location(s): c:\pagefile.sys 8192 12216 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 117,09 Gb Total Space | 19,52 Gb Free Space | 16,67% Space Free | Partition Type: NTFS
Drive D: | 348,57 Gb Total Space | 41,13 Gb Free Space | 11,80% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 18,87 Gb Free Space | 6,33% Space Free | Partition Type: NTFS
Computer Name: AMD-VISION-PC | User Name: AMD-Vision | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.04.11 08:17:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\AMD-Vision\Desktop\OTL.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.03.13 02:08:25 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013.03.08 22:12:25 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.02.15 16:28:54 | 000,601,976 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2013.02.15 16:28:12 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.02.28 18:12:14 | 005,178,664 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe
PRC - [2012.02.28 18:12:14 | 000,517,416 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
========== Modules (No Company Name) ==========
MOD - [2013.03.17 02:56:37 | 000,644,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\8ab2ef26e0f12a948693309f478b2412\HD-Agent.ni.exe
MOD - [2013.03.17 02:56:33 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\567a91db0da200e86e2bd801cbec56d5\JSON.ni.dll
MOD - [2013.03.13 02:08:23 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013.03.08 22:12:01 | 003,069,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.02.14 09:24:57 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013.02.14 09:24:44 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.01.24 13:32:48 | 001,057,280 | ---- | M] () -- c:\Program Files (x86)\ContinueToSave\sprotector.dll
MOD - [2013.01.24 13:20:16 | 001,032,704 | ---- | M] () -- c:\Program Files (x86)\SimpleSpeedy\sprotector.dll
MOD - [2013.01.09 09:04:54 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.09 09:04:40 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.09 09:04:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.09 09:04:35 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.09 09:04:27 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2010.11.13 04:36:45 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.04 17:54:40 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013.01.27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013.01.27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011.07.28 23:35:35 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.07.28 17:43:58 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011.06.14 15:42:48 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.13 02:08:26 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.08 22:12:24 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.15 16:28:12 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2013.02.15 16:27:52 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.02.28 18:12:14 | 000,517,416 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe -- (NeroMediaHomeService.4)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.04.07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.01.20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.08.15 22:16:21 | 000,165,504 | ---- | M] (ITE ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IT9135BDA.sys -- (IT9135BDA)
DRV:64bit: - [2012.08.15 19:17:12 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.08.15 16:11:44 | 000,031,808 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS -- (FNETTBOH_305)
DRV:64bit: - [2012.08.15 16:06:54 | 000,015,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\FNETURPX.SYS -- (FNETURPX)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.29 00:23:16 | 009,980,416 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.07.28 22:54:10 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.06.14 15:42:44 | 002,159,728 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2011.06.07 00:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.05.10 16:28:48 | 000,017,192 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:64bit: - [2011.04.21 20:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.04.15 20:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011.04.15 20:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011.03.18 02:04:20 | 000,188,544 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2011.03.18 02:04:18 | 000,087,168 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.26 18:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.09.19 06:30:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:64bit: - [2009.09.19 06:30:14 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus)
DRV:64bit: - [2009.09.19 06:30:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV:64bit: - [2009.08.03 10:22:58 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2009.07.31 05:40:34 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMfilt64.sys -- (VMfilt)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.09.17 16:53:34 | 000,029,184 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2005.09.23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2013.02.28 00:59:34 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2013.02.15 16:28:06 | 000,071,032 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... e&tid=2958
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... e&tid=2958
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si= ... e&tid=2958
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.sweetim.com/search.asp?sr ... 5FF433CB74}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.simplespeedy.info/?l=1&q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.certified-toolbar.com?si= ... earchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes,DefaultScope = {3FAF956C-FFB7-4877-881B-C25DCA3331C8}
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://uk.search.yahoo.com/search?p={se ... &type=ASRK
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://isearch.babylon.com/?q={searchTe ... 5ff433cb74
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{1969C601-85DD-4629-90FC-BB9C681B20A9}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_13906
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{1C6A2D9A-DC22-4009-9014-C6078B3EFF9B}: "URL" = http://www.firmy.cz/phr/{searchTerms}?s ... arch_13906
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{3E80A574-62CB-415C-9AB6-C83CD176C2FD}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_13906
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{3FAF956C-FFB7-4877-881B-C25DCA3331C8}: "URL" = http://search.certified-toolbar.com?si= ... earchTerms}
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{458B20B6-A343-458D-9242-9BD834DD621C}: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_13906
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{61E29C6F-9C51-46BB-9EC1-24DD52529645}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_13906
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{6A3409E6-A90C-4C9B-8426-8D991EA994F3}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_13906
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{AC51D159-193F-4417-B6E6-513228F4C03B}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13906
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://www.google.com/custom?client=pub ... earchTerms}
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.simplespeedy.info/?l=1&q={searchTerms}
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 5FF433CB74}
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 180.250.130.186:80
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "WebSearch"
FF - prefs.js..browser.search.defaultenginename,S: S", "WebSearch"
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: "http://websearch.simplespeedy.info/?l=1&q="
FF - prefs.js..browser.search.order.1: "WebSearch"
FF - prefs.js..browser.search.order.1,S: S", "WebSearch"
FF - prefs.js..browser.search.selectedEngine: "Seznam"
FF - prefs.js..browser.search.selectedEngine,S: S", "WebSearch"
FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledAddons: %7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.15
FF - prefs.js..extensions.enabledAddons: toolbar%40ask.com:3.12.2.16749
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..keyword.URL: "http://websearch.simplespeedy.info/?l=1&q="
FF - prefs.js..network.proxy.http: " 213. 195. 228. 151 "
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 22:12:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.19 03:28:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 22:12:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013.01.19 03:28:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AMD-Vision\AppData\Roaming\Mozilla\Extensions
[2013.01.19 03:28:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AMD-Vision\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013.04.10 12:07:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AMD-Vision\AppData\Roaming\Mozilla\Firefox\Profiles\tobv71r9.default-1349848874682\extensions
[2013.03.29 12:05:21 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\AMD-Vision\AppData\Roaming\Mozilla\Firefox\Profiles\tobv71r9.default-1349848874682\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013.02.09 01:03:37 | 000,000,000 | ---D | M] (continuetosave) -- C:\Users\AMD-Vision\AppData\Roaming\Mozilla\Firefox\Profiles\tobv71r9.default-1349848874682\extensions\5115846e89bab@5115846e89be4.com
[2012.10.14 01:17:29 | 000,005,370 | ---- | M] () (No name found) -- C:\Users\AMD-Vision\AppData\Roaming\Mozilla\Firefox\Profiles\tobv71r9.default-1349848874682\extensions\5079f814d6011@5079f814d604a.com.xpi
[2013.02.14 07:47:42 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\AMD-Vision\AppData\Roaming\Mozilla\Firefox\Profiles\tobv71r9.default-1349848874682\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.03.08 22:11:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- C:\USERS\AMD-VISION\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TOBV71R9.DEFAULT-1349848874682\EXTENSIONS\TOOLBAR@ASK.COM
[2013.03.08 22:12:25 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.19 23:27:10 | 000,002,421 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.19 23:27:10 | 000,000,851 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.02.19 23:27:10 | 000,001,580 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.19 23:27:10 | 000,000,867 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.01.19 03:28:28 | 000,003,269 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
[2013.02.19 23:27:10 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - Extension: No name found = C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccebdhmecmkhfiopjdjafhjihhiogijj\1\
CHR - Extension: No name found = C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibfgbclmgnmffinenpipoibfdoblond\1.4.4_0\
CHR - Extension: No name found = C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkfpcckoflkdgjdobdkpclgngaahgbpi\1.1.4_0\
CHR - Extension: No name found = C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghoooididkjbjjldgojdgceoinbhbjmh\1.1.3_0\
CHR - Extension: No name found = C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Extensions\lelcohngbjgpiibagnfmncojacafbbpg\1.0.3_0\
CHR - Extension: No name found = C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012.08.18 22:32:52 | 000,000,868 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\AMD-Vision\AppData\Roaming\Complitly\64\Complitly64.dll File not found
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Certified Toolbar) - {0de094f5-e894-48c7-b16f-338d64674721} - Reg Error: Value error. File not found
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - Reg Error: Value error. File not found
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (continuetosave) - {99D9A734-954F-8613-F84D-6EE9DDB6A7BA} - C:\ProgramData\continuetosave\5115846e89d2e.dll ()
O2 - BHO: (MyPlayCity Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Certified Toolbar) - {0de094f5-e894-48c7-b16f-338d64674721} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No CLSID value found.
O3 - HKLM\..\Toolbar: (MyPlayCity Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Nero MediaHome 4] C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\.DEFAULT..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart File not found
O4 - HKU\S-1-5-18..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000..\Run: [ASRockXTU] File not found
O4 - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000..\Run: [Nektra OEAPI] File not found
O4 - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000..\Run: [Nero MediaHome 4] C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (Nero AG)
O4 - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000..\Run: [OEXPRESS] File not found
O4 - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKU\S-1-5-21-4150456642-3383372601-3730963037-1005..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-4150456642-3383372601-3730963037-1005..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..Trusted Domains: localhost ([]http in Internet)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.3.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.114.192.15 82.114.192.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{29856F60-DB2B-4CF0-A437-7574FCE31592}: DhcpNameServer = 82.114.192.15 82.114.192.6
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20 - AppInit_DLLs: (c:\progra~2\contin~1\sprote~1.dll) - c:\Program Files (x86)\ContinueToSave\sprotector.dll ()
O20 - AppInit_DLLs: (c:\progra~2\simple~1\sprote~1.dll) - c:\Program Files (x86)\SimpleSpeedy\sprotector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{50c69523-e6fc-11e1-8c1a-bc5ff433cb74}\Shell - "" = AutoRun
O33 - MountPoints2\{50c69523-e6fc-11e1-8c1a-bc5ff433cb74}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{fbe8581a-e708-11e1-86c9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fbe8581a-e708-11e1-86c9-806e6f6e6963}\Shell\AutoRun\command - "" = F:\ASRSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: VIDC.LAGS - lagarith.dll ( )
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\Windows\SysWow64\lagarith.dll ( )
Drivers32: vidc.mjpg - pvmjpg30.dll File not found
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: VIDC.WMV3 - C:\Windows\SysWow64\wmv9vcm.dll (Microsoft Corporation)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013.04.11 08:17:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Users\AMD-Vision\Desktop\OTL.exe
[2013.04.11 06:59:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2013.04.11 06:58:59 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.04.11 06:58:50 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.04.11 06:58:50 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.04.11 06:58:50 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.10 23:49:36 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.04.10 23:49:35 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.04.10 23:49:35 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.04.10 23:49:34 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.04.10 23:49:34 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.04.10 23:49:34 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.04.10 23:49:34 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.04.10 23:49:34 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.04.10 23:49:34 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.04.10 23:49:34 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.04.10 23:49:34 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.04.10 23:49:33 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.04.10 23:49:31 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.10 23:49:31 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.04.10 23:49:31 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.04.10 17:12:53 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.04.10 17:12:52 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.04.10 17:12:50 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.04.10 17:12:50 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.04.10 17:12:50 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.04.10 17:12:50 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.04.10 17:12:43 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.04.10 17:12:42 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.04.10 17:12:42 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.04.10 17:12:41 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.04.10 17:12:41 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.04.10 17:12:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.04.10 17:08:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.04.10 17:06:20 | 055,454,464 | ---- | C] (Safer-Networking Ltd. ) -- D:\Users\AMD-Vision\Desktop\SpybotSD2.exe
[2013.04.10 12:36:59 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.04.10 12:36:58 | 000,000,000 | ---D | C] -- C:\rsit
[2013.04.10 12:22:48 | 000,000,000 | ---D | C] -- C:\Users\AMD-Vision\AppData\Roaming\Malwarebytes
[2013.04.10 12:22:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.04.10 12:22:33 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.10 12:22:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.04.10 12:21:41 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- D:\Users\AMD-Vision\Desktop\mbam-setup-1.75.0.1300.exe
[2013.04.10 12:18:31 | 000,050,688 | ---- | C] (Atribune.org) -- D:\Users\AMD-Vision\Desktop\ATF-Cleaner.exe
[2013.04.10 00:00:46 | 000,000,000 | ---D | C] -- D:\Users\AMD-Vision\Desktop\RK_Quarantine
[2013.04.08 11:09:53 | 000,000,000 | ---D | C] -- C:\Users\AMD-Vision\AppData\Local\Activision
[2013.04.08 11:02:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2013.04.05 05:31:21 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.04.05 05:31:21 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.04.05 05:31:21 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.04.05 05:31:20 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.04.05 05:31:20 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.04.05 05:31:20 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.04.05 05:31:20 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.04.05 05:31:20 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.04.05 05:31:20 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.04.05 05:31:20 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.04.05 05:31:20 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.04.05 05:31:20 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.04.05 05:31:19 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.04.05 05:31:19 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.04.05 05:31:19 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.04.05 05:31:19 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.04.05 05:31:19 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.04.05 05:31:19 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.04.05 05:31:19 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.04.05 05:31:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.04.05 05:31:18 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.04.05 05:31:18 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.04.05 05:31:18 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.04.05 05:31:18 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.04.05 05:31:18 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.04.05 05:31:17 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.04.05 05:31:17 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.04.05 05:31:17 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.04.05 05:31:17 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.04.05 05:31:17 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.04.05 05:31:17 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.04.05 05:31:17 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.04.05 05:31:17 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.04.05 05:31:17 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.04.05 05:31:17 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.04.05 05:31:17 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.04.05 05:31:17 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.04.05 05:31:17 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.04.05 05:31:17 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.04.05 05:31:16 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.04.05 05:31:16 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.04.05 05:31:16 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.04.05 05:31:16 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.04.05 05:31:16 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.04.05 05:31:16 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.04.05 05:31:16 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.04.05 05:31:16 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.04.05 05:31:16 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.04.05 05:31:16 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.04.05 05:31:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.04.05 05:31:16 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.04.05 05:31:16 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.04.05 05:31:15 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.04.04 21:00:43 | 000,000,000 | ---D | C] -- D:\Users\AMD-Vision\Desktop\Verča
[2013.03.23 11:48:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2013.03.23 11:48:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com
[2013.03.23 11:48:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPlayCity.com
[2013.03.22 17:51:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.03.20 21:53:34 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.03.18 23:17:04 | 000,000,000 | ---D | C] -- C:\Users\AMD-Vision\AppData\Roaming\Opera
[2013.03.18 23:17:04 | 000,000,000 | ---D | C] -- C:\Users\AMD-Vision\AppData\Local\Opera
[2013.03.18 23:16:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2013.03.18 15:57:06 | 000,000,000 | ---D | C] -- C:\Users\AMD-Vision\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tor
[2013.03.18 15:54:28 | 000,000,000 | ---D | C] -- C:\Users\AMD-Vision\AppData\Roaming\Tor
[2013.03.17 02:54:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2013.03.17 02:54:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2013.03.17 02:54:00 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
[2013.03.17 02:54:00 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
1.část
OTL logfile created on: 11.4.2013 9:05:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Users\AMD-Vision\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,48 Gb Total Physical Memory | 5,46 Gb Available Physical Memory | 73,07% Memory free
15,48 Gb Paging File | 13,33 Gb Available in Paging File | 86,12% Paging File free
Paging file location(s): c:\pagefile.sys 8192 12216 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 117,09 Gb Total Space | 19,52 Gb Free Space | 16,67% Space Free | Partition Type: NTFS
Drive D: | 348,57 Gb Total Space | 41,13 Gb Free Space | 11,80% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 18,87 Gb Free Space | 6,33% Space Free | Partition Type: NTFS
Computer Name: AMD-VISION-PC | User Name: AMD-Vision | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.04.11 08:17:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\AMD-Vision\Desktop\OTL.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.03.13 02:08:25 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013.03.08 22:12:25 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.02.15 16:28:54 | 000,601,976 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2013.02.15 16:28:12 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.02.28 18:12:14 | 005,178,664 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe
PRC - [2012.02.28 18:12:14 | 000,517,416 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
========== Modules (No Company Name) ==========
MOD - [2013.03.17 02:56:37 | 000,644,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\8ab2ef26e0f12a948693309f478b2412\HD-Agent.ni.exe
MOD - [2013.03.17 02:56:33 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\567a91db0da200e86e2bd801cbec56d5\JSON.ni.dll
MOD - [2013.03.13 02:08:23 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013.03.08 22:12:01 | 003,069,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.02.14 09:24:57 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013.02.14 09:24:44 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.01.24 13:32:48 | 001,057,280 | ---- | M] () -- c:\Program Files (x86)\ContinueToSave\sprotector.dll
MOD - [2013.01.24 13:20:16 | 001,032,704 | ---- | M] () -- c:\Program Files (x86)\SimpleSpeedy\sprotector.dll
MOD - [2013.01.09 09:04:54 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.09 09:04:40 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.09 09:04:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.09 09:04:35 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.09 09:04:27 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2010.11.13 04:36:45 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.04 17:54:40 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013.01.27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013.01.27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011.07.28 23:35:35 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.07.28 17:43:58 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011.06.14 15:42:48 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.13 02:08:26 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.08 22:12:24 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.15 16:28:12 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2013.02.15 16:27:52 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.02.28 18:12:14 | 000,517,416 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe -- (NeroMediaHomeService.4)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.04.07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.01.20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.08.15 22:16:21 | 000,165,504 | ---- | M] (ITE ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IT9135BDA.sys -- (IT9135BDA)
DRV:64bit: - [2012.08.15 19:17:12 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.08.15 16:11:44 | 000,031,808 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS -- (FNETTBOH_305)
DRV:64bit: - [2012.08.15 16:06:54 | 000,015,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\FNETURPX.SYS -- (FNETURPX)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.29 00:23:16 | 009,980,416 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.07.28 22:54:10 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.06.14 15:42:44 | 002,159,728 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2011.06.07 00:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.05.10 16:28:48 | 000,017,192 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:64bit: - [2011.04.21 20:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.04.15 20:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011.04.15 20:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011.03.18 02:04:20 | 000,188,544 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2011.03.18 02:04:18 | 000,087,168 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.26 18:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.09.19 06:30:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:64bit: - [2009.09.19 06:30:14 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus)
DRV:64bit: - [2009.09.19 06:30:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV:64bit: - [2009.08.03 10:22:58 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2009.07.31 05:40:34 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMfilt64.sys -- (VMfilt)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.09.17 16:53:34 | 000,029,184 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2005.09.23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2013.02.28 00:59:34 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2013.02.15 16:28:06 | 000,071,032 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... e&tid=2958
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si= ... e&tid=2958
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si= ... e&tid=2958
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.sweetim.com/search.asp?sr ... 5FF433CB74}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.simplespeedy.info/?l=1&q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.certified-toolbar.com?si= ... earchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes,DefaultScope = {3FAF956C-FFB7-4877-881B-C25DCA3331C8}
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://uk.search.yahoo.com/search?p={se ... &type=ASRK
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://isearch.babylon.com/?q={searchTe ... 5ff433cb74
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{1969C601-85DD-4629-90FC-BB9C681B20A9}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_13906
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{1C6A2D9A-DC22-4009-9014-C6078B3EFF9B}: "URL" = http://www.firmy.cz/phr/{searchTerms}?s ... arch_13906
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{3E80A574-62CB-415C-9AB6-C83CD176C2FD}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_13906
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{3FAF956C-FFB7-4877-881B-C25DCA3331C8}: "URL" = http://search.certified-toolbar.com?si= ... earchTerms}
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{458B20B6-A343-458D-9242-9BD834DD621C}: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_13906
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{61E29C6F-9C51-46BB-9EC1-24DD52529645}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_13906
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{6A3409E6-A90C-4C9B-8426-8D991EA994F3}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_13906
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{AC51D159-193F-4417-B6E6-513228F4C03B}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13906
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://www.google.com/custom?client=pub ... earchTerms}
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.simplespeedy.info/?l=1&q={searchTerms}
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 5FF433CB74}
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 180.250.130.186:80
IE - HKU\S-1-5-21-4150456642-3383372601-3730963037-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "WebSearch"
FF - prefs.js..browser.search.defaultenginename,S: S", "WebSearch"
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: "http://websearch.simplespeedy.info/?l=1&q="
FF - prefs.js..browser.search.order.1: "WebSearch"
FF - prefs.js..browser.search.order.1,S: S", "WebSearch"
FF - prefs.js..browser.search.selectedEngine: "Seznam"
FF - prefs.js..browser.search.selectedEngine,S: S", "WebSearch"
FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledAddons: %7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.15
FF - prefs.js..extensions.enabledAddons: toolbar%40ask.com:3.12.2.16749
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..keyword.URL: "http://websearch.simplespeedy.info/?l=1&q="
FF - prefs.js..network.proxy.http: " 213. 195. 228. 151 "
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 22:12:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.19 03:28:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 22:12:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013.01.19 03:28:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AMD-Vision\AppData\Roaming\Mozilla\Extensions
[2013.01.19 03:28:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AMD-Vision\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013.04.10 12:07:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AMD-Vision\AppData\Roaming\Mozilla\Firefox\Profiles\tobv71r9.default-1349848874682\extensions
[2013.03.29 12:05:21 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\AMD-Vision\AppData\Roaming\Mozilla\Firefox\Profiles\tobv71r9.default-1349848874682\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013.02.09 01:03:37 | 000,000,000 | ---D | M] (continuetosave) -- C:\Users\AMD-Vision\AppData\Roaming\Mozilla\Firefox\Profiles\tobv71r9.default-1349848874682\extensions\5115846e89bab@5115846e89be4.com
[2012.10.14 01:17:29 | 000,005,370 | ---- | M] () (No name found) -- C:\Users\AMD-Vision\AppData\Roaming\Mozilla\Firefox\Profiles\tobv71r9.default-1349848874682\extensions\5079f814d6011@5079f814d604a.com.xpi
[2013.02.14 07:47:42 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\AMD-Vision\AppData\Roaming\Mozilla\Firefox\Profiles\tobv71r9.default-1349848874682\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.03.08 22:11:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- C:\USERS\AMD-VISION\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TOBV71R9.DEFAULT-1349848874682\EXTENSIONS\TOOLBAR@ASK.COM
[2013.03.08 22:12:25 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.19 23:27:10 | 000,002,421 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.19 23:27:10 | 000,000,851 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.02.19 23:27:10 | 000,001,580 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.19 23:27:10 | 000,000,867 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.01.19 03:28:28 | 000,003,269 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
[2013.02.19 23:27:10 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - Extension: No name found = C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccebdhmecmkhfiopjdjafhjihhiogijj\1\
CHR - Extension: No name found = C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibfgbclmgnmffinenpipoibfdoblond\1.4.4_0\
CHR - Extension: No name found = C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkfpcckoflkdgjdobdkpclgngaahgbpi\1.1.4_0\
CHR - Extension: No name found = C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghoooididkjbjjldgojdgceoinbhbjmh\1.1.3_0\
CHR - Extension: No name found = C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Extensions\lelcohngbjgpiibagnfmncojacafbbpg\1.0.3_0\
CHR - Extension: No name found = C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012.08.18 22:32:52 | 000,000,868 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\AMD-Vision\AppData\Roaming\Complitly\64\Complitly64.dll File not found
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Certified Toolbar) - {0de094f5-e894-48c7-b16f-338d64674721} - Reg Error: Value error. File not found
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - Reg Error: Value error. File not found
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (continuetosave) - {99D9A734-954F-8613-F84D-6EE9DDB6A7BA} - C:\ProgramData\continuetosave\5115846e89d2e.dll ()
O2 - BHO: (MyPlayCity Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Certified Toolbar) - {0de094f5-e894-48c7-b16f-338d64674721} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No CLSID value found.
O3 - HKLM\..\Toolbar: (MyPlayCity Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Nero MediaHome 4] C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\.DEFAULT..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart File not found
O4 - HKU\S-1-5-18..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000..\Run: [ASRockXTU] File not found
O4 - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000..\Run: [Nektra OEAPI] File not found
O4 - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000..\Run: [Nero MediaHome 4] C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (Nero AG)
O4 - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000..\Run: [OEXPRESS] File not found
O4 - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKU\S-1-5-21-4150456642-3383372601-3730963037-1005..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-4150456642-3383372601-3730963037-1005..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\..Trusted Domains: localhost ([]http in Internet)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.3.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.114.192.15 82.114.192.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{29856F60-DB2B-4CF0-A437-7574FCE31592}: DhcpNameServer = 82.114.192.15 82.114.192.6
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20 - AppInit_DLLs: (c:\progra~2\contin~1\sprote~1.dll) - c:\Program Files (x86)\ContinueToSave\sprotector.dll ()
O20 - AppInit_DLLs: (c:\progra~2\simple~1\sprote~1.dll) - c:\Program Files (x86)\SimpleSpeedy\sprotector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{50c69523-e6fc-11e1-8c1a-bc5ff433cb74}\Shell - "" = AutoRun
O33 - MountPoints2\{50c69523-e6fc-11e1-8c1a-bc5ff433cb74}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{fbe8581a-e708-11e1-86c9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fbe8581a-e708-11e1-86c9-806e6f6e6963}\Shell\AutoRun\command - "" = F:\ASRSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: VIDC.LAGS - lagarith.dll ( )
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\Windows\SysWow64\lagarith.dll ( )
Drivers32: vidc.mjpg - pvmjpg30.dll File not found
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: VIDC.WMV3 - C:\Windows\SysWow64\wmv9vcm.dll (Microsoft Corporation)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013.04.11 08:17:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Users\AMD-Vision\Desktop\OTL.exe
[2013.04.11 06:59:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2013.04.11 06:58:59 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.04.11 06:58:50 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.04.11 06:58:50 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.04.11 06:58:50 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.10 23:49:36 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.04.10 23:49:35 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.04.10 23:49:35 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.04.10 23:49:34 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.04.10 23:49:34 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.04.10 23:49:34 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.04.10 23:49:34 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.04.10 23:49:34 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.04.10 23:49:34 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.04.10 23:49:34 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.04.10 23:49:34 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.04.10 23:49:33 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.04.10 23:49:31 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.10 23:49:31 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.04.10 23:49:31 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.04.10 17:12:53 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.04.10 17:12:52 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.04.10 17:12:50 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.04.10 17:12:50 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.04.10 17:12:50 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.04.10 17:12:50 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.04.10 17:12:43 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.04.10 17:12:42 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.04.10 17:12:42 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.04.10 17:12:41 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.04.10 17:12:41 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.04.10 17:12:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.04.10 17:08:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.04.10 17:06:20 | 055,454,464 | ---- | C] (Safer-Networking Ltd. ) -- D:\Users\AMD-Vision\Desktop\SpybotSD2.exe
[2013.04.10 12:36:59 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.04.10 12:36:58 | 000,000,000 | ---D | C] -- C:\rsit
[2013.04.10 12:22:48 | 000,000,000 | ---D | C] -- C:\Users\AMD-Vision\AppData\Roaming\Malwarebytes
[2013.04.10 12:22:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.04.10 12:22:33 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.10 12:22:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.04.10 12:21:41 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- D:\Users\AMD-Vision\Desktop\mbam-setup-1.75.0.1300.exe
[2013.04.10 12:18:31 | 000,050,688 | ---- | C] (Atribune.org) -- D:\Users\AMD-Vision\Desktop\ATF-Cleaner.exe
[2013.04.10 00:00:46 | 000,000,000 | ---D | C] -- D:\Users\AMD-Vision\Desktop\RK_Quarantine
[2013.04.08 11:09:53 | 000,000,000 | ---D | C] -- C:\Users\AMD-Vision\AppData\Local\Activision
[2013.04.08 11:02:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2013.04.05 05:31:21 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.04.05 05:31:21 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.04.05 05:31:21 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.04.05 05:31:20 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.04.05 05:31:20 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.04.05 05:31:20 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.04.05 05:31:20 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.04.05 05:31:20 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.04.05 05:31:20 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.04.05 05:31:20 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.04.05 05:31:20 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.04.05 05:31:20 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.04.05 05:31:19 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.04.05 05:31:19 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.04.05 05:31:19 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.04.05 05:31:19 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.04.05 05:31:19 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.04.05 05:31:19 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.04.05 05:31:19 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.04.05 05:31:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.04.05 05:31:18 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.04.05 05:31:18 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.04.05 05:31:18 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.04.05 05:31:18 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.04.05 05:31:18 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.04.05 05:31:17 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.04.05 05:31:17 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.04.05 05:31:17 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.04.05 05:31:17 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.04.05 05:31:17 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.04.05 05:31:17 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.04.05 05:31:17 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.04.05 05:31:17 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.04.05 05:31:17 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.04.05 05:31:17 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.04.05 05:31:17 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.04.05 05:31:17 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.04.05 05:31:17 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.04.05 05:31:17 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.04.05 05:31:16 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.04.05 05:31:16 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.04.05 05:31:16 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.04.05 05:31:16 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.04.05 05:31:16 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.04.05 05:31:16 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.04.05 05:31:16 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.04.05 05:31:16 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.04.05 05:31:16 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.04.05 05:31:16 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.04.05 05:31:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.04.05 05:31:16 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.04.05 05:31:16 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.04.05 05:31:15 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.04.04 21:00:43 | 000,000,000 | ---D | C] -- D:\Users\AMD-Vision\Desktop\Verča
[2013.03.23 11:48:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2013.03.23 11:48:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com
[2013.03.23 11:48:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPlayCity.com
[2013.03.22 17:51:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.03.20 21:53:34 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.03.18 23:17:04 | 000,000,000 | ---D | C] -- C:\Users\AMD-Vision\AppData\Roaming\Opera
[2013.03.18 23:17:04 | 000,000,000 | ---D | C] -- C:\Users\AMD-Vision\AppData\Local\Opera
[2013.03.18 23:16:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2013.03.18 15:57:06 | 000,000,000 | ---D | C] -- C:\Users\AMD-Vision\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tor
[2013.03.18 15:54:28 | 000,000,000 | ---D | C] -- C:\Users\AMD-Vision\AppData\Roaming\Tor
[2013.03.17 02:54:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2013.03.17 02:54:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2013.03.17 02:54:00 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
[2013.03.17 02:54:00 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
Re: Vir "Váš počítač je zablokován" - dočištění
2.část OTL txt log:
========== Files - Modified Within 30 Days ==========
[2013.04.11 09:06:46 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.04.11 08:50:56 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.11 08:19:04 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.11 08:19:04 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.11 08:18:46 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.11 08:18:46 | 000,631,054 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.04.11 08:18:46 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.11 08:18:46 | 000,121,708 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.04.11 08:18:46 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.11 08:17:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\AMD-Vision\Desktop\OTL.exe
[2013.04.11 08:11:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.11 08:11:19 | 1727,229,951 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.11 08:08:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.11 06:58:42 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.11 06:58:38 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.04.11 06:58:38 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.04.11 06:58:37 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.04.11 06:58:36 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2013.04.11 06:58:36 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.04.11 06:51:15 | 005,038,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.10 17:41:05 | 000,000,848 | ---- | M] () -- C:\Windows\wininit.ini
[2013.04.10 17:29:57 | 000,104,109 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\3142304401.jpg
[2013.04.10 17:06:49 | 055,454,464 | ---- | M] (Safer-Networking Ltd. ) -- D:\Users\AMD-Vision\Desktop\SpybotSD2.exe
[2013.04.10 12:35:17 | 000,935,175 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\RSITx64.exe
[2013.04.10 12:22:40 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.10 12:21:44 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- D:\Users\AMD-Vision\Desktop\mbam-setup-1.75.0.1300.exe
[2013.04.10 12:18:32 | 000,050,688 | ---- | M] (Atribune.org) -- D:\Users\AMD-Vision\Desktop\ATF-Cleaner.exe
[2013.04.09 23:48:58 | 000,816,128 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\RogueKiller.exe
[2013.04.09 15:50:17 | 095,023,320 | ---- | M] () -- C:\ProgramData\odoc2t.pad
[2013.04.09 08:14:55 | 000,000,495 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\Dokument.rtf
[2013.04.09 07:14:48 | 000,000,152 | ---- | M] () -- C:\ProgramData\odoc2t.reg
[2013.04.08 13:07:08 | 646,395,668 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\Strach-a-hnus-v-Las-Vegas---komedie-v-CZ-1998.avi
[2013.04.08 13:05:29 | 000,060,605 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\Klass-Elu-p-rast-S01E07(0000191948).srt
[2013.04.08 13:05:04 | 000,034,546 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\Klass-Elu-p-rast-S01E06(0000191423).srt
[2013.04.05 05:31:22 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.04.05 05:31:21 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.04.05 05:31:21 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.04.05 05:31:21 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.04.05 05:31:20 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.04.05 05:31:20 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.04.05 05:31:20 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.04.05 05:31:20 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.04.05 05:31:20 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.04.05 05:31:20 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.04.05 05:31:20 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.04.05 05:31:20 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.04.05 05:31:19 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.04.05 05:31:19 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.04.05 05:31:19 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.04.05 05:31:19 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.04.05 05:31:19 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.04.05 05:31:19 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.04.05 05:31:19 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.04.05 05:31:19 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.04.05 05:31:19 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.04.05 05:31:18 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.04.05 05:31:18 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.04.05 05:31:18 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.04.05 05:31:18 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.04.05 05:31:18 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.04.05 05:31:18 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.04.05 05:31:17 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.04.05 05:31:17 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.04.05 05:31:17 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.04.05 05:31:17 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.04.05 05:31:17 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.04.05 05:31:17 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.04.05 05:31:17 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.04.05 05:31:17 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.04.05 05:31:17 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.04.05 05:31:17 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.04.05 05:31:17 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.04.05 05:31:17 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.04.05 05:31:17 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.04.05 05:31:17 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.04.05 05:31:16 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.04.05 05:31:16 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.04.05 05:31:16 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.04.05 05:31:16 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.04.05 05:31:16 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.04.05 05:31:16 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.04.05 05:31:16 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.04.05 05:31:16 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.04.05 05:31:16 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.04.05 05:31:16 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.04.05 05:31:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.04.05 05:31:16 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.04.05 05:31:16 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.04.05 05:31:15 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.04.04 21:38:23 | 000,059,541 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\seznam-drazenych-mv---1942013-na-net.pdf
[2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.04 10:13:07 | 1073,741,824 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\the-sims-3-pets.part1.rar
[2013.03.31 22:53:11 | 000,000,263 | ---- | M] () -- C:\Users\Public\Documents\autodr..rtf
[2013.03.30 03:14:32 | 000,006,656 | ---- | M] () -- C:\Users\AMD-Vision\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.03.30 02:57:32 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013.03.23 11:48:26 | 000,002,023 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\Bee Adventure.lnk
[2013.03.23 11:48:26 | 000,002,016 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\MyPlayCity Games.lnk
[2013.03.19 08:04:06 | 005,550,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.03.19 07:46:56 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.03.19 07:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.03.19 07:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.03.19 06:47:50 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.03.17 02:54:56 | 000,001,814 | ---- | M] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2013.03.13 02:08:26 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.13 02:08:25 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.04.11 08:22:17 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.04.10 17:41:04 | 000,000,848 | ---- | C] () -- C:\Windows\wininit.ini
[2013.04.10 17:29:56 | 000,104,109 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\3142304401.jpg
[2013.04.10 12:35:14 | 000,935,175 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\RSITx64.exe
[2013.04.10 12:22:40 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.10 00:00:39 | 000,816,128 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\RogueKiller.exe
[2013.04.09 08:14:55 | 000,000,495 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\Dokument.rtf
[2013.04.09 07:14:48 | 000,000,152 | ---- | C] () -- C:\ProgramData\odoc2t.reg
[2013.04.09 07:14:47 | 095,023,320 | ---- | C] () -- C:\ProgramData\odoc2t.pad
[2013.04.08 13:05:29 | 000,060,605 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\Klass-Elu-p-rast-S01E07(0000191948).srt
[2013.04.08 13:05:03 | 000,034,546 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\Klass-Elu-p-rast-S01E06(0000191423).srt
[2013.04.08 11:59:30 | 646,395,668 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\Strach-a-hnus-v-Las-Vegas---komedie-v-CZ-1998.avi
[2013.04.05 05:31:18 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.04.05 05:31:17 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.04.04 21:22:56 | 000,059,541 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\seznam-drazenych-mv---1942013-na-net.pdf
[2013.04.04 10:08:03 | 1073,741,824 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\the-sims-3-pets.part1.rar
[2013.03.31 22:53:11 | 000,000,263 | ---- | C] () -- C:\Users\Public\Documents\autodr..rtf
[2013.03.23 11:48:26 | 000,002,023 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\Bee Adventure.lnk
[2013.03.23 11:48:26 | 000,002,016 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\MyPlayCity Games.lnk
[2013.03.18 23:17:01 | 000,001,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2013.03.17 02:54:56 | 000,001,814 | ---- | C] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2013.03.02 22:34:44 | 000,006,656 | ---- | C] () -- C:\Users\AMD-Vision\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.19 03:28:39 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2013.01.19 03:28:33 | 000,015,360 | ---- | C] () -- C:\Windows\Launcher.exe
[2012.08.15 21:12:10 | 001,470,766 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.08.15 19:39:33 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.08.15 19:26:24 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.08.15 19:26:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2012.08.15 19:26:23 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.08.15 19:26:23 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.08.15 19:26:22 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.08.15 16:06:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.08.15 16:04:36 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.07.28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.11.22 13:19:29 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\AlawarSouthpoint
[2012.12.07 18:58:35 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\aliasworlds
[2012.11.23 18:41:41 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Artifex Mundi
[2013.04.04 08:09:26 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\DAEMON Tools Lite
[2013.01.26 18:59:32 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\DivoGames
[2012.11.21 22:29:44 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Friday's games
[2013.04.10 12:05:01 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\GHISLER
[2012.12.31 13:23:34 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\GoforFiles
[2012.12.23 14:26:22 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Happy Chef
[2012.08.20 17:52:53 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\IObit
[2013.01.22 22:57:04 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Jumb-O-Fun Games
[2012.08.15 20:49:58 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\LangSoft
[2013.02.21 10:56:27 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Leadertech
[2013.03.02 01:09:09 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\MoveFab
[2013.03.18 23:17:04 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Opera
[2013.02.12 01:26:42 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\PC Suite
[2013.01.23 20:34:54 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Ph03nixNewMedia
[2013.02.13 01:45:10 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Samsung
[2013.01.04 09:05:04 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz
[2013.01.19 03:28:39 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Thunderbird
[2013.02.18 19:29:34 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\TMNT
[2013.04.07 10:06:32 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\uTorrent
[2012.11.15 22:09:58 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\VitySoft
[2012.11.24 17:08:59 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\WeatherLord
[2012.08.19 22:57:10 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Zoner
[2012.12.10 22:24:03 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2012.12.10 22:24:03 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,608 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.08.15 18:50:24 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.08.22 06:30:56 | 000,000,956 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.08.22 06:30:57 | 000,000,960 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.02.09 00:38:14 | 000,000,438 | -H-- | C] () -- C:\Windows\Tasks\schedule!1143840799.job
< >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 05:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 05:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 04:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 04:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 01:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 01:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 01:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.20 05:26:00 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012.06.02 07:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2012.04.24 07:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012.04.24 06:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\SysNative\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 04:18:26 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012.04.24 07:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012.06.02 07:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2012.04.24 07:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2012.06.02 06:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.04.24 07:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2012.06.02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012.04.24 06:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 04:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 05:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 05:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 05:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTORV.SYS >
[2010.11.20 05:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 05:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012.06.02 07:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 08:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe
< MD5 for: NDIS.SYS >
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.20 05:33:46 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 05:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 05:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 04:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 04:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 05:33:50 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 05:33:50 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 08:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 05:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 05:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 05:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 05:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013.03.19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.03.19 05:20:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7180204786A9DED8723B2D8CF3CDD388 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_08a94e494c0cfd0a\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\SysNative\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.03.19 05:19:03 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=FA64733BD65F52712F0545F56FDB4BE6 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_0838504e32dc743c\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.20 05:33:58 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 05:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 05:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.20 05:27:30 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 05:27:30 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 04:21:40 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 04:21:40 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[36 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.09.28 09:14:16 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Adobe
[2012.09.20 13:01:56 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Ahead
[2012.11.22 13:19:29 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\AlawarSouthpoint
[2012.12.07 18:58:35 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\aliasworlds
[2013.02.16 01:46:32 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Apple Computer
[2012.08.15 22:22:04 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\ArcSoft
[2012.11.23 18:41:41 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Artifex Mundi
[2012.08.15 16:06:24 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\ATI
[2013.04.04 08:09:26 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\DAEMON Tools Lite
[2013.01.26 18:59:32 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\DivoGames
[2012.11.21 22:29:44 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Friday's games
[2013.04.10 12:05:01 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\GHISLER
[2012.12.31 13:23:34 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\GoforFiles
[2012.12.23 14:26:22 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Happy Chef
[2012.08.15 15:55:14 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Identities
[2013.02.17 00:56:13 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\InstallShield
[2012.08.20 17:52:53 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\IObit
[2013.01.22 22:57:04 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Jumb-O-Fun Games
[2012.08.15 20:49:58 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\LangSoft
[2013.02.21 10:56:27 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Leadertech
[2012.08.15 18:50:27 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Macromedia
[2013.04.10 12:22:48 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Malwarebytes
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Media Center Programs
[2013.04.10 00:21:05 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Media Player Classic
[2013.02.21 11:00:48 | 000,000,000 | --SD | M] -- C:\Users\AMD-Vision\AppData\Roaming\Microsoft
[2013.03.02 01:09:09 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\MoveFab
[2012.08.15 20:41:30 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Mozilla
[2013.02.16 01:30:30 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Nero
[2013.03.18 23:17:04 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Opera
[2013.02.12 01:26:42 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\PC Suite
[2013.01.23 20:34:54 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Ph03nixNewMedia
[2013.02.13 01:45:10 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Samsung
[2012.08.17 00:53:15 | 000,000,000 | R--D | M] -- C:\Users\AMD-Vision\AppData\Roaming\SecuROM
[2013.01.04 09:05:04 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz
[2013.01.19 03:28:39 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Thunderbird
[2013.02.18 19:29:34 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\TMNT
[2013.03.18 15:57:06 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Tor
[2013.04.07 10:06:32 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\uTorrent
[2012.11.15 22:09:58 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\VitySoft
[2012.10.12 22:54:32 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\vlc
[2012.11.24 17:08:59 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\WeatherLord
[2013.04.10 20:25:50 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Winamp
[2012.08.17 00:56:28 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\WinRAR
[2012.08.19 22:57:10 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2012.08.15 20:57:50 | 000,029,926 | R--- | M] () -- C:\Users\AMD-Vision\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
[2012.08.20 17:18:21 | 000,010,134 | R--- | M] () -- C:\Users\AMD-Vision\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2013.02.28 00:58:26 | 089,280,248 | ---- | M] (Samsung Electronics Co., Ltd. ) -- C:\Users\AMD-Vision\AppData\Roaming\Samsung\New PC Studio\LiveUpdate\Setup_For_Full_Update_IH2_7.exe
[2012.09.13 15:24:48 | 001,009,288 | ---- | M] () -- C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz\szninstall.exe
[2012.09.14 14:06:28 | 002,515,592 | ---- | M] () -- C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz\sznsetup.exe
[2012.11.13 16:28:42 | 000,700,416 | ---- | M] () -- C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe
[2012.11.13 17:07:56 | 000,055,808 | ---- | M] () -- C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2012.11.12 12:05:50 | 000,455,736 | ---- | M] () -- C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2012.11.12 12:05:16 | 000,091,704 | ---- | M] () -- C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013.03.26 01:03:26 | 264,240,573 | ---- | M] (Created with Setup Factory Personal Edition) -- C:\Users\AMD-Vision\AppData\Roaming\uTorrent\Fishdom 3 Sběratelská edice\Fishdom 3 Collectors Edition - FULL - Foxy Games.exe
[2013.03.02 22:32:46 | 005,509,854 | ---- | M] (Aone Software ) -- C:\Users\AMD-Vision\AppData\Roaming\uTorrent\FLV to AVI MPEG WMV 3GP MP4 iPod Converter 5.3.0402 {Full-Version} {blaze69}\FLV to AVI MPEG WMV 3GP MP4 iPod Converter.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.04.11 06:58:36 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\deployJava1.dll
[2013.04.11 06:58:37 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\java.exe
[2013.04.11 06:58:38 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\javaw.exe
[2013.04.11 06:58:38 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\javaws.exe
[2013.04.11 06:58:36 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\npdeployJava1.dll
[2013.04.11 06:58:42 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\WindowsAccessBridge-32.dll
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ASRockXTU" =
"Nektra OEAPI" =
"OEXPRESS" =
"Nero MediaHome 4" = "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN -- [2012.02.28 18:12:14 | 005,178,664 | ---- | M] (Nero AG)
"RGSC" = C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent -- [2008.11.14 14:35:36 | 000,305,064 | R--- | M] (Take-Two Interactive Software, Inc.)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.04.11 09:06:46 | 000,000,512 | ---- | M] () MD5=294B1EA24A3A03539CAAFB3DD96ED130 -- C:\PhysicalMBR.bin
[2 C:\*.tmp files -> C:\*.tmp -> ]
< >
< *crack* /s >
[2012.11.15 22:10:33 | 000,005,369 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Programy\FreeRapid-0.86\plugins\crackle.frp
[1999.08.12 14:48:22 | 000,308,278 | ---- | M] () -- \Zaloha\Program Files\Canopus\Let's EDIT\Effect\Alpha\crack_1.bmp
[1999.08.12 14:48:22 | 000,308,278 | ---- | M] () -- \Zaloha\Program Files\Canopus\Let's EDIT\Effect\Alpha\crack_2.bmp
[1999.08.12 14:48:22 | 000,308,278 | ---- | M] () -- \Zaloha\Program Files\Canopus\Let's EDIT\Effect\Alpha\crack_3.bmp
[2000.06.13 10:55:50 | 000,401,534 | ---- | M] () -- \Zaloha\Program Files\Deer Hunter 4\Home\Sound\22Khz\os-firecrackle-loop.wav
< *keygen* /s >
[2010.06.20 12:35:25 | 000,063,365 | ---- | M] () -- \Install\Adobe Photoshop CS5 CZ (www.doolphin.cz)\Crack\adobe_PS_CS5_keygen.exe
[2006.02.05 11:18:52 | 000,070,656 | ---- | M] () -- \Install\Pinnacle 9 Studio\Keygen ok.exe
< *loader* /s >
[2012.09.20 22:18:56 | 000,003,208 | ---- | M] () -- \Users\AMD-Vision\Desktop\Gabča\Black Cat Toddler Costume_soubory\ajax-loader.gif
[2012.09.20 22:18:55 | 000,008,754 | ---- | M] () -- \Users\AMD-Vision\Desktop\Gabča\Black Cat Toddler Costume_soubory\ajax-loader1.gif
[2012.09.20 22:18:55 | 000,011,112 | ---- | M] () -- \Users\AMD-Vision\Desktop\Gabča\Black Cat Toddler Costume_soubory\PreloaderForSignUpEmail.gif
[2012.09.20 22:20:17 | 000,003,208 | ---- | M] () -- \Users\AMD-Vision\Desktop\Gabča\Miss Mouse Tween Costume_soubory\ajax-loader.gif
[2012.09.20 22:20:17 | 000,008,754 | ---- | M] () -- \Users\AMD-Vision\Desktop\Gabča\Miss Mouse Tween Costume_soubory\ajax-loader1.gif
[2012.09.20 22:20:16 | 000,011,112 | ---- | M] () -- \Users\AMD-Vision\Desktop\Gabča\Miss Mouse Tween Costume_soubory\PreloaderForSignUpEmail.gif
[2012.07.21 23:58:29 | 006,391,335 | ---- | M] () -- \Users\AMD-Vision\Desktop\Music\VA-Future_Trance_Best_of_15_Years-3CD\117_driftwood_-_freeloader.mp3
[2010.02.06 00:27:16 | 000,000,015 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\3) TNODUP 1.4.1 Final\TNod User & Password Finder\Licenses Downloader.bat
[2013.03.30 16:43:30 | 000,001,525 | ---- | M] () -- \Users\AMD-Vision\Desktop\Verča\Mazoretky 29.3.2013 – Google+_soubory\loader-1004.js
[2000.08.08 16:24:24 | 000,027,215 | ---- | M] () -- \Zaloha\Program Files\Deer Hunter 4\Home\Models\World Models\Logging_area_models\log_loader\Log_Loader.ssm
[2000.08.11 15:23:38 | 000,263,675 | ---- | M] () -- \Zaloha\Program Files\Deer Hunter 4\Home\Models\World Models\Logging_area_models\log_loader\log_loader_skin.stx
[2009.03.31 10:23:58 | 000,289,280 | ---- | M] () -- \Zaloha\Program Files\Samsung\Samsung New PC Studio\NPSAndroidDownloader.dll
[2009.03.12 10:31:22 | 000,285,184 | ---- | M] () -- \Zaloha\Program Files\Samsung\Samsung New PC Studio\NPSLinuxMitsDownloader.dll
[2009.03.31 10:39:20 | 000,208,896 | ---- | M] () -- \Zaloha\Program Files\Samsung\Samsung New PC Studio\Symbian_Downloader_DLL.dll
[2009.04.02 19:03:40 | 000,258,048 | ---- | M] () -- \Zaloha\Program Files\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader.dll
[2008.11.25 17:52:24 | 000,266,240 | ---- | M] () -- \Zaloha\Program Files\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader2.dll
[2011.12.15 13:38:14 | 000,055,296 | ---- | M] () -- \Zaloha\Program Files\WinRARPortable\App\WinRAR-x64\Formats\ace32loader.exe
< *minodlogin* /s >
[2011.11.01 15:15:11 | 000,063,667 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\4) MiNODLogin 3.9.9.10\FOTO Návod instalace MiNODLogin\MiNODLogin 001.png
[2011.11.01 15:15:11 | 000,052,772 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\4) MiNODLogin 3.9.9.10\FOTO Návod instalace MiNODLogin\MiNODLogin 002.png
[2011.11.01 15:15:11 | 000,057,010 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\4) MiNODLogin 3.9.9.10\FOTO Návod instalace MiNODLogin\MiNODLogin 003.png
[2011.11.01 15:15:11 | 000,045,736 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\4) MiNODLogin 3.9.9.10\FOTO Návod instalace MiNODLogin\MiNODLogin 004.png
[2011.11.01 15:15:11 | 000,061,423 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\4) MiNODLogin 3.9.9.10\FOTO Návod instalace MiNODLogin\MiNODLogin 005.png
[2011.11.01 15:24:50 | 000,136,455 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\4) MiNODLogin 3.9.9.10\FOTO Návod instalace MiNODLogin\MiNODLogin 006.png
< *tnod* /s >
[2011.11.01 14:35:06 | 000,076,052 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\3) TNODUP 1.4.1 Final\Foto Návod TNODUP\TNODUP 001.png
[2011.11.01 14:35:06 | 000,052,068 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\3) TNODUP 1.4.1 Final\Foto Návod TNODUP\TNODUP 002.png
[2011.11.01 14:35:06 | 000,051,377 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\3) TNODUP 1.4.1 Final\Foto Návod TNODUP\TNODUP 003.png
[2011.11.01 14:35:07 | 000,047,891 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\3) TNODUP 1.4.1 Final\Foto Návod TNODUP\TNODUP 004.png
[2011.11.01 14:35:06 | 000,075,978 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\3) TNODUP 1.4.1 Final\Foto Návod TNODUP\TNODUP 005.png
[2011.11.01 14:43:22 | 000,134,647 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\3) TNODUP 1.4.1 Final\Foto Návod TNODUP\TNODUP 006.png
[2011.06.27 18:46:19 | 000,087,803 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\3) TNODUP 1.4.1 Final\Foto Návod TNODUP\TNODUP 007.jpg
[2011.11.01 14:50:14 | 000,063,434 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\3) TNODUP 1.4.1 Final\Foto Návod TNODUP\TNODUP 008.png
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2006.02.05 11:19:09 | 000,000,037 | ---- | M] () -- \Install\Pinnacle 9 Studio\__Pinnacle Studio 9 Multilanguage serial.txt
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:F67947AF
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:7D288858
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:3B07E6F4
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:D01ACC06
< End of report >
========== Files - Modified Within 30 Days ==========
[2013.04.11 09:06:46 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.04.11 08:50:56 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.11 08:19:04 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.11 08:19:04 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.11 08:18:46 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.11 08:18:46 | 000,631,054 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.04.11 08:18:46 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.11 08:18:46 | 000,121,708 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.04.11 08:18:46 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.11 08:17:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\AMD-Vision\Desktop\OTL.exe
[2013.04.11 08:11:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.11 08:11:19 | 1727,229,951 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.11 08:08:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.11 06:58:42 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.11 06:58:38 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.04.11 06:58:38 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.04.11 06:58:37 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.04.11 06:58:36 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2013.04.11 06:58:36 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.04.11 06:51:15 | 005,038,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.10 17:41:05 | 000,000,848 | ---- | M] () -- C:\Windows\wininit.ini
[2013.04.10 17:29:57 | 000,104,109 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\3142304401.jpg
[2013.04.10 17:06:49 | 055,454,464 | ---- | M] (Safer-Networking Ltd. ) -- D:\Users\AMD-Vision\Desktop\SpybotSD2.exe
[2013.04.10 12:35:17 | 000,935,175 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\RSITx64.exe
[2013.04.10 12:22:40 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.10 12:21:44 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- D:\Users\AMD-Vision\Desktop\mbam-setup-1.75.0.1300.exe
[2013.04.10 12:18:32 | 000,050,688 | ---- | M] (Atribune.org) -- D:\Users\AMD-Vision\Desktop\ATF-Cleaner.exe
[2013.04.09 23:48:58 | 000,816,128 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\RogueKiller.exe
[2013.04.09 15:50:17 | 095,023,320 | ---- | M] () -- C:\ProgramData\odoc2t.pad
[2013.04.09 08:14:55 | 000,000,495 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\Dokument.rtf
[2013.04.09 07:14:48 | 000,000,152 | ---- | M] () -- C:\ProgramData\odoc2t.reg
[2013.04.08 13:07:08 | 646,395,668 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\Strach-a-hnus-v-Las-Vegas---komedie-v-CZ-1998.avi
[2013.04.08 13:05:29 | 000,060,605 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\Klass-Elu-p-rast-S01E07(0000191948).srt
[2013.04.08 13:05:04 | 000,034,546 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\Klass-Elu-p-rast-S01E06(0000191423).srt
[2013.04.05 05:31:22 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.04.05 05:31:21 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.04.05 05:31:21 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.04.05 05:31:21 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.04.05 05:31:20 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.04.05 05:31:20 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.04.05 05:31:20 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.04.05 05:31:20 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.04.05 05:31:20 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.04.05 05:31:20 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.04.05 05:31:20 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.04.05 05:31:20 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.04.05 05:31:19 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.04.05 05:31:19 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.04.05 05:31:19 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.04.05 05:31:19 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.04.05 05:31:19 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.04.05 05:31:19 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.04.05 05:31:19 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.04.05 05:31:19 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.04.05 05:31:19 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.04.05 05:31:18 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.04.05 05:31:18 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.04.05 05:31:18 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.04.05 05:31:18 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.04.05 05:31:18 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.04.05 05:31:18 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.04.05 05:31:17 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.04.05 05:31:17 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.04.05 05:31:17 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.04.05 05:31:17 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.04.05 05:31:17 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.04.05 05:31:17 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.04.05 05:31:17 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.04.05 05:31:17 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.04.05 05:31:17 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.04.05 05:31:17 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.04.05 05:31:17 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.04.05 05:31:17 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.04.05 05:31:17 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.04.05 05:31:17 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.04.05 05:31:16 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.04.05 05:31:16 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.04.05 05:31:16 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.04.05 05:31:16 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.04.05 05:31:16 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.04.05 05:31:16 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.04.05 05:31:16 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.04.05 05:31:16 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.04.05 05:31:16 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.04.05 05:31:16 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.04.05 05:31:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.04.05 05:31:16 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.04.05 05:31:16 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.04.05 05:31:15 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.04.04 21:38:23 | 000,059,541 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\seznam-drazenych-mv---1942013-na-net.pdf
[2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.04 10:13:07 | 1073,741,824 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\the-sims-3-pets.part1.rar
[2013.03.31 22:53:11 | 000,000,263 | ---- | M] () -- C:\Users\Public\Documents\autodr..rtf
[2013.03.30 03:14:32 | 000,006,656 | ---- | M] () -- C:\Users\AMD-Vision\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.03.30 02:57:32 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013.03.23 11:48:26 | 000,002,023 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\Bee Adventure.lnk
[2013.03.23 11:48:26 | 000,002,016 | ---- | M] () -- D:\Users\AMD-Vision\Desktop\MyPlayCity Games.lnk
[2013.03.19 08:04:06 | 005,550,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.03.19 07:46:56 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.03.19 07:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.03.19 07:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.03.19 06:47:50 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.03.17 02:54:56 | 000,001,814 | ---- | M] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2013.03.13 02:08:26 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.13 02:08:25 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.04.11 08:22:17 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.04.10 17:41:04 | 000,000,848 | ---- | C] () -- C:\Windows\wininit.ini
[2013.04.10 17:29:56 | 000,104,109 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\3142304401.jpg
[2013.04.10 12:35:14 | 000,935,175 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\RSITx64.exe
[2013.04.10 12:22:40 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.10 00:00:39 | 000,816,128 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\RogueKiller.exe
[2013.04.09 08:14:55 | 000,000,495 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\Dokument.rtf
[2013.04.09 07:14:48 | 000,000,152 | ---- | C] () -- C:\ProgramData\odoc2t.reg
[2013.04.09 07:14:47 | 095,023,320 | ---- | C] () -- C:\ProgramData\odoc2t.pad
[2013.04.08 13:05:29 | 000,060,605 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\Klass-Elu-p-rast-S01E07(0000191948).srt
[2013.04.08 13:05:03 | 000,034,546 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\Klass-Elu-p-rast-S01E06(0000191423).srt
[2013.04.08 11:59:30 | 646,395,668 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\Strach-a-hnus-v-Las-Vegas---komedie-v-CZ-1998.avi
[2013.04.05 05:31:18 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.04.05 05:31:17 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.04.04 21:22:56 | 000,059,541 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\seznam-drazenych-mv---1942013-na-net.pdf
[2013.04.04 10:08:03 | 1073,741,824 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\the-sims-3-pets.part1.rar
[2013.03.31 22:53:11 | 000,000,263 | ---- | C] () -- C:\Users\Public\Documents\autodr..rtf
[2013.03.23 11:48:26 | 000,002,023 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\Bee Adventure.lnk
[2013.03.23 11:48:26 | 000,002,016 | ---- | C] () -- D:\Users\AMD-Vision\Desktop\MyPlayCity Games.lnk
[2013.03.18 23:17:01 | 000,001,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2013.03.17 02:54:56 | 000,001,814 | ---- | C] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2013.03.02 22:34:44 | 000,006,656 | ---- | C] () -- C:\Users\AMD-Vision\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.19 03:28:39 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2013.01.19 03:28:33 | 000,015,360 | ---- | C] () -- C:\Windows\Launcher.exe
[2012.08.15 21:12:10 | 001,470,766 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.08.15 19:39:33 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.08.15 19:26:24 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.08.15 19:26:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2012.08.15 19:26:23 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.08.15 19:26:23 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.08.15 19:26:22 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.08.15 16:06:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.08.15 16:04:36 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.07.28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.11.22 13:19:29 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\AlawarSouthpoint
[2012.12.07 18:58:35 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\aliasworlds
[2012.11.23 18:41:41 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Artifex Mundi
[2013.04.04 08:09:26 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\DAEMON Tools Lite
[2013.01.26 18:59:32 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\DivoGames
[2012.11.21 22:29:44 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Friday's games
[2013.04.10 12:05:01 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\GHISLER
[2012.12.31 13:23:34 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\GoforFiles
[2012.12.23 14:26:22 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Happy Chef
[2012.08.20 17:52:53 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\IObit
[2013.01.22 22:57:04 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Jumb-O-Fun Games
[2012.08.15 20:49:58 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\LangSoft
[2013.02.21 10:56:27 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Leadertech
[2013.03.02 01:09:09 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\MoveFab
[2013.03.18 23:17:04 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Opera
[2013.02.12 01:26:42 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\PC Suite
[2013.01.23 20:34:54 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Ph03nixNewMedia
[2013.02.13 01:45:10 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Samsung
[2013.01.04 09:05:04 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz
[2013.01.19 03:28:39 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Thunderbird
[2013.02.18 19:29:34 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\TMNT
[2013.04.07 10:06:32 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\uTorrent
[2012.11.15 22:09:58 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\VitySoft
[2012.11.24 17:08:59 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\WeatherLord
[2012.08.19 22:57:10 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Zoner
[2012.12.10 22:24:03 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2012.12.10 22:24:03 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,608 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.08.15 18:50:24 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.08.22 06:30:56 | 000,000,956 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.08.22 06:30:57 | 000,000,960 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.02.09 00:38:14 | 000,000,438 | -H-- | C] () -- C:\Windows\Tasks\schedule!1143840799.job
< >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 05:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 05:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 04:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 04:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 01:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 01:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 01:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.20 05:26:00 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012.06.02 07:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2012.04.24 07:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012.04.24 06:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\SysNative\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 04:18:26 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012.04.24 07:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012.06.02 07:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2012.04.24 07:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2012.06.02 06:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.04.24 07:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2012.06.02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012.04.24 06:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 04:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 05:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 05:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 05:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTORV.SYS >
[2010.11.20 05:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 05:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012.06.02 07:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 08:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe
< MD5 for: NDIS.SYS >
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.20 05:33:46 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 05:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 05:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 04:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 04:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 05:33:50 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 05:33:50 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 08:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 05:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 05:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 05:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 05:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013.03.19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.03.19 05:20:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7180204786A9DED8723B2D8CF3CDD388 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_08a94e494c0cfd0a\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\SysNative\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.03.19 05:19:03 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=FA64733BD65F52712F0545F56FDB4BE6 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_0838504e32dc743c\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.20 05:33:58 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 05:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 05:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.20 05:27:30 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 05:27:30 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 04:21:40 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 04:21:40 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[36 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.09.28 09:14:16 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Adobe
[2012.09.20 13:01:56 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Ahead
[2012.11.22 13:19:29 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\AlawarSouthpoint
[2012.12.07 18:58:35 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\aliasworlds
[2013.02.16 01:46:32 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Apple Computer
[2012.08.15 22:22:04 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\ArcSoft
[2012.11.23 18:41:41 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Artifex Mundi
[2012.08.15 16:06:24 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\ATI
[2013.04.04 08:09:26 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\DAEMON Tools Lite
[2013.01.26 18:59:32 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\DivoGames
[2012.11.21 22:29:44 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Friday's games
[2013.04.10 12:05:01 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\GHISLER
[2012.12.31 13:23:34 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\GoforFiles
[2012.12.23 14:26:22 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Happy Chef
[2012.08.15 15:55:14 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Identities
[2013.02.17 00:56:13 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\InstallShield
[2012.08.20 17:52:53 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\IObit
[2013.01.22 22:57:04 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Jumb-O-Fun Games
[2012.08.15 20:49:58 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\LangSoft
[2013.02.21 10:56:27 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Leadertech
[2012.08.15 18:50:27 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Macromedia
[2013.04.10 12:22:48 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Malwarebytes
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Media Center Programs
[2013.04.10 00:21:05 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Media Player Classic
[2013.02.21 11:00:48 | 000,000,000 | --SD | M] -- C:\Users\AMD-Vision\AppData\Roaming\Microsoft
[2013.03.02 01:09:09 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\MoveFab
[2012.08.15 20:41:30 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Mozilla
[2013.02.16 01:30:30 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Nero
[2013.03.18 23:17:04 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Opera
[2013.02.12 01:26:42 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\PC Suite
[2013.01.23 20:34:54 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Ph03nixNewMedia
[2013.02.13 01:45:10 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Samsung
[2012.08.17 00:53:15 | 000,000,000 | R--D | M] -- C:\Users\AMD-Vision\AppData\Roaming\SecuROM
[2013.01.04 09:05:04 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz
[2013.01.19 03:28:39 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Thunderbird
[2013.02.18 19:29:34 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\TMNT
[2013.03.18 15:57:06 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Tor
[2013.04.07 10:06:32 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\uTorrent
[2012.11.15 22:09:58 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\VitySoft
[2012.10.12 22:54:32 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\vlc
[2012.11.24 17:08:59 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\WeatherLord
[2013.04.10 20:25:50 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Winamp
[2012.08.17 00:56:28 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\WinRAR
[2012.08.19 22:57:10 | 000,000,000 | ---D | M] -- C:\Users\AMD-Vision\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2012.08.15 20:57:50 | 000,029,926 | R--- | M] () -- C:\Users\AMD-Vision\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
[2012.08.20 17:18:21 | 000,010,134 | R--- | M] () -- C:\Users\AMD-Vision\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2013.02.28 00:58:26 | 089,280,248 | ---- | M] (Samsung Electronics Co., Ltd. ) -- C:\Users\AMD-Vision\AppData\Roaming\Samsung\New PC Studio\LiveUpdate\Setup_For_Full_Update_IH2_7.exe
[2012.09.13 15:24:48 | 001,009,288 | ---- | M] () -- C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz\szninstall.exe
[2012.09.14 14:06:28 | 002,515,592 | ---- | M] () -- C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz\sznsetup.exe
[2012.11.13 16:28:42 | 000,700,416 | ---- | M] () -- C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe
[2012.11.13 17:07:56 | 000,055,808 | ---- | M] () -- C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2012.11.12 12:05:50 | 000,455,736 | ---- | M] () -- C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2012.11.12 12:05:16 | 000,091,704 | ---- | M] () -- C:\Users\AMD-Vision\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013.03.26 01:03:26 | 264,240,573 | ---- | M] (Created with Setup Factory Personal Edition) -- C:\Users\AMD-Vision\AppData\Roaming\uTorrent\Fishdom 3 Sběratelská edice\Fishdom 3 Collectors Edition - FULL - Foxy Games.exe
[2013.03.02 22:32:46 | 005,509,854 | ---- | M] (Aone Software ) -- C:\Users\AMD-Vision\AppData\Roaming\uTorrent\FLV to AVI MPEG WMV 3GP MP4 iPod Converter 5.3.0402 {Full-Version} {blaze69}\FLV to AVI MPEG WMV 3GP MP4 iPod Converter.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.04.11 06:58:36 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\deployJava1.dll
[2013.04.11 06:58:37 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\java.exe
[2013.04.11 06:58:38 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\javaw.exe
[2013.04.11 06:58:38 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\javaws.exe
[2013.04.11 06:58:36 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\npdeployJava1.dll
[2013.04.11 06:58:42 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\WindowsAccessBridge-32.dll
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ASRockXTU" =
"Nektra OEAPI" =
"OEXPRESS" =
"Nero MediaHome 4" = "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN -- [2012.02.28 18:12:14 | 005,178,664 | ---- | M] (Nero AG)
"RGSC" = C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent -- [2008.11.14 14:35:36 | 000,305,064 | R--- | M] (Take-Two Interactive Software, Inc.)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.04.11 09:06:46 | 000,000,512 | ---- | M] () MD5=294B1EA24A3A03539CAAFB3DD96ED130 -- C:\PhysicalMBR.bin
[2 C:\*.tmp files -> C:\*.tmp -> ]
< >
< *crack* /s >
[2012.11.15 22:10:33 | 000,005,369 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Programy\FreeRapid-0.86\plugins\crackle.frp
[1999.08.12 14:48:22 | 000,308,278 | ---- | M] () -- \Zaloha\Program Files\Canopus\Let's EDIT\Effect\Alpha\crack_1.bmp
[1999.08.12 14:48:22 | 000,308,278 | ---- | M] () -- \Zaloha\Program Files\Canopus\Let's EDIT\Effect\Alpha\crack_2.bmp
[1999.08.12 14:48:22 | 000,308,278 | ---- | M] () -- \Zaloha\Program Files\Canopus\Let's EDIT\Effect\Alpha\crack_3.bmp
[2000.06.13 10:55:50 | 000,401,534 | ---- | M] () -- \Zaloha\Program Files\Deer Hunter 4\Home\Sound\22Khz\os-firecrackle-loop.wav
< *keygen* /s >
[2010.06.20 12:35:25 | 000,063,365 | ---- | M] () -- \Install\Adobe Photoshop CS5 CZ (www.doolphin.cz)\Crack\adobe_PS_CS5_keygen.exe
[2006.02.05 11:18:52 | 000,070,656 | ---- | M] () -- \Install\Pinnacle 9 Studio\Keygen ok.exe
< *loader* /s >
[2012.09.20 22:18:56 | 000,003,208 | ---- | M] () -- \Users\AMD-Vision\Desktop\Gabča\Black Cat Toddler Costume_soubory\ajax-loader.gif
[2012.09.20 22:18:55 | 000,008,754 | ---- | M] () -- \Users\AMD-Vision\Desktop\Gabča\Black Cat Toddler Costume_soubory\ajax-loader1.gif
[2012.09.20 22:18:55 | 000,011,112 | ---- | M] () -- \Users\AMD-Vision\Desktop\Gabča\Black Cat Toddler Costume_soubory\PreloaderForSignUpEmail.gif
[2012.09.20 22:20:17 | 000,003,208 | ---- | M] () -- \Users\AMD-Vision\Desktop\Gabča\Miss Mouse Tween Costume_soubory\ajax-loader.gif
[2012.09.20 22:20:17 | 000,008,754 | ---- | M] () -- \Users\AMD-Vision\Desktop\Gabča\Miss Mouse Tween Costume_soubory\ajax-loader1.gif
[2012.09.20 22:20:16 | 000,011,112 | ---- | M] () -- \Users\AMD-Vision\Desktop\Gabča\Miss Mouse Tween Costume_soubory\PreloaderForSignUpEmail.gif
[2012.07.21 23:58:29 | 006,391,335 | ---- | M] () -- \Users\AMD-Vision\Desktop\Music\VA-Future_Trance_Best_of_15_Years-3CD\117_driftwood_-_freeloader.mp3
[2010.02.06 00:27:16 | 000,000,015 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\3) TNODUP 1.4.1 Final\TNod User & Password Finder\Licenses Downloader.bat
[2013.03.30 16:43:30 | 000,001,525 | ---- | M] () -- \Users\AMD-Vision\Desktop\Verča\Mazoretky 29.3.2013 – Google+_soubory\loader-1004.js
[2000.08.08 16:24:24 | 000,027,215 | ---- | M] () -- \Zaloha\Program Files\Deer Hunter 4\Home\Models\World Models\Logging_area_models\log_loader\Log_Loader.ssm
[2000.08.11 15:23:38 | 000,263,675 | ---- | M] () -- \Zaloha\Program Files\Deer Hunter 4\Home\Models\World Models\Logging_area_models\log_loader\log_loader_skin.stx
[2009.03.31 10:23:58 | 000,289,280 | ---- | M] () -- \Zaloha\Program Files\Samsung\Samsung New PC Studio\NPSAndroidDownloader.dll
[2009.03.12 10:31:22 | 000,285,184 | ---- | M] () -- \Zaloha\Program Files\Samsung\Samsung New PC Studio\NPSLinuxMitsDownloader.dll
[2009.03.31 10:39:20 | 000,208,896 | ---- | M] () -- \Zaloha\Program Files\Samsung\Samsung New PC Studio\Symbian_Downloader_DLL.dll
[2009.04.02 19:03:40 | 000,258,048 | ---- | M] () -- \Zaloha\Program Files\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader.dll
[2008.11.25 17:52:24 | 000,266,240 | ---- | M] () -- \Zaloha\Program Files\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader2.dll
[2011.12.15 13:38:14 | 000,055,296 | ---- | M] () -- \Zaloha\Program Files\WinRARPortable\App\WinRAR-x64\Formats\ace32loader.exe
< *minodlogin* /s >
[2011.11.01 15:15:11 | 000,063,667 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\4) MiNODLogin 3.9.9.10\FOTO Návod instalace MiNODLogin\MiNODLogin 001.png
[2011.11.01 15:15:11 | 000,052,772 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\4) MiNODLogin 3.9.9.10\FOTO Návod instalace MiNODLogin\MiNODLogin 002.png
[2011.11.01 15:15:11 | 000,057,010 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\4) MiNODLogin 3.9.9.10\FOTO Návod instalace MiNODLogin\MiNODLogin 003.png
[2011.11.01 15:15:11 | 000,045,736 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\4) MiNODLogin 3.9.9.10\FOTO Návod instalace MiNODLogin\MiNODLogin 004.png
[2011.11.01 15:15:11 | 000,061,423 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\4) MiNODLogin 3.9.9.10\FOTO Návod instalace MiNODLogin\MiNODLogin 005.png
[2011.11.01 15:24:50 | 000,136,455 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\4) MiNODLogin 3.9.9.10\FOTO Návod instalace MiNODLogin\MiNODLogin 006.png
< *tnod* /s >
[2011.11.01 14:35:06 | 000,076,052 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\3) TNODUP 1.4.1 Final\Foto Návod TNODUP\TNODUP 001.png
[2011.11.01 14:35:06 | 000,052,068 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\3) TNODUP 1.4.1 Final\Foto Návod TNODUP\TNODUP 002.png
[2011.11.01 14:35:06 | 000,051,377 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\3) TNODUP 1.4.1 Final\Foto Návod TNODUP\TNODUP 003.png
[2011.11.01 14:35:07 | 000,047,891 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\3) TNODUP 1.4.1 Final\Foto Návod TNODUP\TNODUP 004.png
[2011.11.01 14:35:06 | 000,075,978 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\3) TNODUP 1.4.1 Final\Foto Návod TNODUP\TNODUP 005.png
[2011.11.01 14:43:22 | 000,134,647 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\3) TNODUP 1.4.1 Final\Foto Návod TNODUP\TNODUP 006.png
[2011.06.27 18:46:19 | 000,087,803 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\3) TNODUP 1.4.1 Final\Foto Návod TNODUP\TNODUP 007.jpg
[2011.11.01 14:50:14 | 000,063,434 | ---- | M] () -- \Users\AMD-Vision\Desktop\Plocha Zaloha\Eset Smart Security a ESET NOD32 Antivirus 5.0.94.0 CZ (x86,x64Bit) Complet\3) TNODUP 1.4.1 Final\Foto Návod TNODUP\TNODUP 008.png
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2006.02.05 11:19:09 | 000,000,037 | ---- | M] () -- \Install\Pinnacle 9 Studio\__Pinnacle Studio 9 Multilanguage serial.txt
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:F67947AF
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:7D288858
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:3B07E6F4
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:D01ACC06
< End of report >
Re: Vir "Váš počítač je zablokován" - dočištění
OTL Extras logfile created on: 11.4.2013 9:05:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Users\AMD-Vision\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,48 Gb Total Physical Memory | 5,46 Gb Available Physical Memory | 73,07% Memory free
15,48 Gb Paging File | 13,33 Gb Available in Paging File | 86,12% Paging File free
Paging file location(s): c:\pagefile.sys 8192 12216 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 117,09 Gb Total Space | 19,52 Gb Free Space | 16,67% Space Free | Partition Type: NTFS
Drive D: | 348,57 Gb Total Space | 41,13 Gb Free Space | 11,80% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 18,87 Gb Free Space | 6,33% Space Free | Partition Type: NTFS
Computer Name: AMD-VISION-PC | User Name: AMD-Vision | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.js [@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1EFDF266-C498-49BC-B674-A495D0E6363A}" = rport=139 | protocol=6 | dir=out | app=system |
"{20C76B88-6DF4-4528-9AEE-A865F08DC7F4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4291DCD8-39E0-46B9-8FF8-9E06E309FF49}" = rport=137 | protocol=17 | dir=out | app=system |
"{509D3EE0-AD6B-4B3F-98C3-501EA0CA84BC}" = lport=139 | protocol=6 | dir=in | app=system |
"{66113ECB-7677-4750-9C76-6DB0F02ED15D}" = lport=138 | protocol=17 | dir=in | app=system |
"{67930EDE-7D73-46A0-B8AF-40C10309E888}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8FAFEDEC-320D-4A0E-877C-188532BB0EC5}" = lport=445 | protocol=6 | dir=in | app=system |
"{A131D3EE-4C5D-4E42-AA16-1E07577F6FB8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{AE111B90-37F8-47F9-BF01-02A6CFAAA876}" = rport=445 | protocol=6 | dir=out | app=system |
"{AE93121D-6C89-45E8-8AAA-7C28FC82EDC5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DC12F57C-F7F5-45D4-85C0-CE59E394BD2B}" = rport=138 | protocol=17 | dir=out | app=system |
"{EBA40B7D-48E2-401A-AFF9-3E78B1398D99}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09C7D6D4-4768-40B0-B363-1184646A2F54}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero mediahome 4\nmmediaserverservice.exe |
"{0E87F0BF-0AC3-4820-8B56-A8D9CD908CBE}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{1224A8D0-036B-4E3F-8777-87191252ECE5}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{1606AEA5-5F29-46D5-B3A2-41E7759F01B2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1AC06E23-392F-4F51-8AA3-64D164C9EE83}" = protocol=6 | dir=in | app=c:\program files (x86)\goforfiles\goforfiles.exe |
"{22A6D362-4D8E-4B45-8C1D-01628A74E0CD}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{2452AF69-50BA-499A-8A39-DE56916D6566}" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia 3.5\totalmedia.exe |
"{2C732FD0-AA8B-4A02-98B2-9CDE030ACB2E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3469376C-863F-4229-9A97-796A93C10DB2}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |
"{36A2918F-24CF-4883-B7D5-E04854BBDF33}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{3C1A91D9-5488-43F1-9668-A69D9A23BADB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3F6D6FBB-32DF-469E-A4A4-68C66F295FDA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{416E8B05-E7EE-4CFD-968C-A15CB9055289}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{46E71F79-3601-447B-BD03-754C802AE200}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{56CD651D-0DEA-4C3F-B1E0-E8DF454C37A2}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{5BB3D2F8-BC6A-417D-8D64-4F131C17C215}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{65FF5C6A-4FA4-4E59-94D8-6B507B99719B}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{66FAC39F-239A-4C6C-97C5-B84237F822C6}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{72CD0077-6EC2-4DBA-81C6-B9906ECE603B}" = protocol=6 | dir=in | app=c:\program files (x86)\goforfiles\goforfilesdl.exe |
"{750E4DDE-45FD-465B-B618-8E15850EAE46}" = protocol=17 | dir=in | app=c:\program files (x86)\goforfiles\goforfiles.exe |
"{76284ABE-59F4-4A7D-AE71-1B78B97083DF}" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia 3.5\totalmedia.exe |
"{7AD2A702-78E5-41E4-9A67-4BFEC272738F}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |
"{81336D92-F90D-41CC-9C1A-B995C3F22018}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8414E1F2-EE92-4CC0-B541-BE32647206B5}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\rm.exe |
"{90419BB7-1CDE-40D2-B161-F90F228803BC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{90BAEE89-6366-4C2E-9229-43B43692C796}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\studio.exe |
"{9D029752-B589-466E-8219-3943D6091BAC}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\umi.exe |
"{9DD3956D-8E93-4AF5-8C2F-E1C580E15A09}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\studio.exe |
"{A08F3E3D-CEAD-4331-AB39-C20CDADA7B9C}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |
"{A1DA5759-9A1E-4683-8763-0F3E42F676AC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A37D0091-7A07-4AA8-BE1C-802C5C033D98}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\rm.exe |
"{A5C96AB6-DB23-4402-B8CE-CE89EE45DF09}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{A95957DB-949B-4A5B-875E-AD33E5653A01}" = protocol=17 | dir=in | app=c:\program files (x86)\goforfiles\goforfilesdl.exe |
"{B11BA0F5-71B7-4876-A4AD-C86CD52DEC07}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{B6941CD0-2C0A-4EE1-ABF8-03281D7FF22C}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero mediahome 4\nmmediaserverservice.exe |
"{B91D7627-9626-4D89-BAC0-E0494A7E38AD}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\umi.exe |
"{C1117CD5-76E1-46D8-B0BF-5564CE47449A}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{CF993794-A1BC-43A9-8420-36B7B06DAEB6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D548F9F2-12B2-4E85-8CED-553B613B7B3E}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{DBC96262-7D1D-4C03-8ACF-4C9FD9536E95}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E30C5BE3-FCA8-45EE-BC14-2C9025DA83BE}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{F1F196E9-3C23-4624-BFB4-D135A1E400FE}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |
"{F42CEC95-7C27-4A71-BDE0-470B7FF0D7FA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F68E6594-1E4D-4CC6-8DE1-73E2E1EB1A5B}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{FD5C93C6-D519-40F5-A8C1-5D301D6E82C8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{52ADF15A-EDEF-4CE3-A48B-652CCAFD3F28}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{63276F28-BB6E-457C-ACCF-E057A90137FB}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"TCP Query User{932EE636-32EE-432C-BA9F-815476C90545}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{F9BCD99E-C7A2-400D-947C-C9A5F6129568}C:\program files (x86)\pro evolution soccer 2013\pes2013.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pro evolution soccer 2013\pes2013.exe |
"UDP Query User{03DB6C9D-2EE7-4EA7-BF34-C7AEF782D1C6}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{1CD8C092-D71D-4767-83D1-9200D737BB76}C:\program files (x86)\pro evolution soccer 2013\pes2013.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pro evolution soccer 2013\pes2013.exe |
"UDP Query User{255DBF38-1619-4B4C-BB13-94348CE7D323}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{ADBEAED5-DD59-4C0A-B48B-AEC6EFFD35C2}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86417003FF}" = Java(TM) 7 Update 3 (64-bit)
"{41968390-377D-0119-5AA9-755B8AF0DA80}" = ccc-utility64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AE196FD4-5109-21C4-6B2D-C8B60E188EC7}" = AMD Catalyst Install Manager
"{BA3E917A-7DBE-4760-7407-BD6E0EB3CFB2}" = AMD Fuel
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"ASRock App Charger_is1" = ASRock App Charger v1.0.5
"BC15EA930074932BB2C4B4493C9FD4EA95087D1A" = Balíček ovladače systému Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"CCleaner" = CCleaner
"ContinueToSave" = ContinueToSave
"KLiteCodecPack64_is1" = K-Lite Codec Pack 9.1.0 (64-bit)
"MediaInfo" = MediaInfo 0.7.61
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 4.11 (64-bit)
"ZonerPhotoStudio14_CZ_is1" = Zoner Photo Studio 14
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B5F055F-0D34-C0E0-7E34-45789E958BCE}" = CCC Help English
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{118cdc1a-4311-460c-b3c4-b8a734baa4cc}" = Nero MediaHome 4 Essentials
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{16F4BFFB-6A79-7A40-A591-23C63FC4D595}" = Catalyst Control Center Localization All
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{23A7D2CE-1A04-41D6-96A9-65D897E86DC2}" = CCC Help Czech
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}" = ArcSoft TotalMedia 3.5
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{34E23470-E328-BFCD-B3EF-E6E74E87FEDD}" = AMD VISION Engine Control Center
"{3A1EBEF3-9BDC-FFCD-8144-265FD2FD1D33}" = CCC Help Swedish
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{42F965F4-EABA-A9E4-C4B6-38C12EC34FBC}" = CCC Help Polish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E8EDE0A-E97B-2475-BF6B-C8FEEC4F4482}" = CCC Help Thai
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{66E4187B-991A-A4BE-933B-08B3BEBC0EE6}" = CCC Help Chinese Standard
"{69FC3B9A-4149-43DB-A557-6ED0C8D8BA44}" = Nero MediaHome 4 Help
"{6bd5b2e2-5ce2-4e33-bc9f-0201eccf5e64}_is1" = Certified Toolbar 2.1
"{6EB3C538-B9B8-F2BB-AEC4-865AC2DF2EE0}" = CCC Help Finnish
"{70F9C054-B713-B704-2E37-7F78439D5FA8}" = CCC Help Turkish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716A2D35-F0D5-3BE4-D02A-0C0A2FCDF7BB}" = CCC Help Danish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75569133-FD58-4F54-B622-9193EC7B6000}" = LITTLEST PET SHOP
"{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7
"{774C0434-9948-4DEE-A14E-69CDD316E36C}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7CEED00F-11AC-9C5C-F500-AF86D4C67E40}" = Catalyst Control Center Profiles Mobile
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{831C848D-F785-F9AF-693B-9BD2C9ED5D0B}" = CCC Help Portuguese
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84374801-0EEE-9A50-6F79-17E2057CC6C9}" = CCC Help Korean
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8F10F574-9C09-CEE0-DCC9-317DB01190FC}" = Catalyst Control Center InstallProxy
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Ultra Edition
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{98097DB0-38DE-E2E8-D8F2-97F2816D5D4A}" = CCC Help Russian
"{99EF387E-633E-4CFB-BFA3-AB961B685DDF}" = Nero MediaHome 4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3B31093-3C8E-3D69-A4EF-2EA950720590}" = CCC Help Japanese
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Czech
"{AD053B60-BC7C-D749-0D5B-4ADE932AF931}" = CCC Help Hungarian
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3583D27-C12A-483E-98B8-235506F71502}" = TMNT
"{B810D852-DFD6-PES13-89A5-CC4D47756DAF}_is1" = Pro Evolution Soccer 2013 version 5.1
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C1C6816E-CBB3-A748-85F9-A8B47B68985B}" = continuetosave
"{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}" = Pro Evolution Soccer 2013
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CD9D0827-A6D6-4E2C-B31E-23F01577E27B}" = BlueStacks Notification Center
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3D3A52A-BD2B-BC1E-903F-A47E00F31AF8}" = CCC Help Greek
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D541F7BE-3CAC-18C6-43B3-CEAEA5887296}" = CCC Help French
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D93CC12C-4C40-C463-3463-9E025C277D3C}" = CCC Help Italian
"{DBCB47B1-235E-C4A8-C481-DDA01B49C9A7}" = CCC Help Spanish
"{DD899638-B3F5-A6D0-E263-44D5704A080C}" = CCC Help German
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F5C372A1-40F3-49DA-A049-F75CDE9177DC}" = Pinnacle Studio Ultimate Collection Plugins
"{FAEA976B-4C36-141F-C7D8-889E0B067CE0}" = CCC Help Chinese Traditional
"{FCF0E04F-B459-61BE-66B5-B7D02112605F}" = CCC Help Dutch
"{FE7989B2-9F10-977F-3ABD-AF441E38AA41}" = CCC Help Norwegian
"1ClickDownload" = LSHunterTVApp
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ASRock eXtreme Tuner_is1" = ASRock eXtreme Tuner v0.1.94
"Bee Adventure_is1" = Bee Adventure
"BFGC" = Big Fish Games: Game Manager
"BFG-Campgrounds" = Campgrounds
"BFG-Cooking Academy 3 - Recipe for Success" = Cooking Academy 3: Recipe for Success
"BFG-Jack of All Tribes" = Jack of All Tribes
"BFG-Jet Set Go" = Jet Set Go
"BlueStacks App Player" = BlueStacks App Player
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"DVDFab 8 Qt_is1" = DVDFab 8.1.9.0 (06/07/2012) Qt
"FLV to AVI MPEG WMV 3GP MP4 iPod Converter" = FLV to AVI MPEG WMV 3GP MP4 iPod Converter
"Google Chrome" = Google Chrome
"GotClip" = GotClip Downloader
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"IT9130 DriverInstaller_11.4.26.1" = IT9130 Driver v11.4.26.1
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.1.0
"Knoll Light Factory EZ Studio" = Knoll Light Factory EZ Studio
"Labužníkův ráj: Zvířecí apetit" = Labužníkův ráj: Zvířecí apetit
"Magic Bullet Looks Studio" = Magic Bullet Looks Studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Mozilla Firefox 19.0.2 (x86 cs)" = Mozilla Firefox 19.0.2 (x86 cs)
"Mozilla Thunderbird (3.1.10)" = Mozilla Thunderbird (3.1.10)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Můj život na farmě 2" = Můj život na farmě 2
"Opera 12.14.1738" = Opera 12.14
"Pán počasí" = Pán počasí
"PowerArchiver 2012 13.02.02" = PowerArchiver 2012
"Protected Search_is1" = Protected Search 1.1
"Red Giant ToonIt Studio" = Red Giant ToonIt Studio
"Smart Defrag 2_is1" = Smart Defrag 2
"Sniper Elite V2_is1" = Sniper Elite V2
"SP_ccfde35c" = Search Assistant SimpleSpeedy 1.74
"SP_e14dcdfa" = ContinueToSave 1.74
"Strašidelná panství" = Strašidelná panství
"Taneční horečka" = Taneční horečka
"Trapcode 3DStroke Studio" = Trapcode 3DStroke Studio
"Trapcode Particular Studio" = Trapcode Particular Studio
"Trapcode Shine Studio" = Trapcode Shine Studio
"uTorrent" = µTorrent
"Veselý šéfkuchař" = Veselý šéfkuchař
"VLC media player" = VLC media player 2.0.3
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"XFastUsb" = XFastUsb
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GoforFiles" = GoforFiles
"SeznamInstall" = Seznam Software
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 9.4.2013 18:29:44 | Computer Name = AMD-Vision-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 9.4.2013 18:29:44 | Computer Name = AMD-Vision-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 9.4.2013 18:29:44 | Computer Name = AMD-Vision-PC | Source = Windows Search Service | ID = 3028
Description =
Error - 9.4.2013 18:29:44 | Computer Name = AMD-Vision-PC | Source = Windows Search Service | ID = 3058
Description =
Error - 9.4.2013 18:29:44 | Computer Name = AMD-Vision-PC | Source = Windows Search Service | ID = 7010
Description =
Error - 10.4.2013 2:50:04 | Computer Name = AMD-Vision-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 10.4.2013 6:06:25 | Computer Name = AMD-Vision-PC | Source = BstHdAndroidSvc | ID = 0
Description = Službu nelze spustit. System.ApplicationException: Cannot start service.
Service did not stop gracefully the last time it was run. v BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error - 10.4.2013 10:21:45 | Computer Name = AMD-Vision-PC | Source = BstHdAndroidSvc | ID = 0
Description = Službu nelze spustit. System.ApplicationException: Cannot start service.
Service did not stop gracefully the last time it was run. v BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error - 11.4.2013 0:51:29 | Computer Name = AMD-Vision-PC | Source = BstHdAndroidSvc | ID = 0
Description = Službu nelze spustit. System.ApplicationException: Cannot start service.
Service did not stop gracefully the last time it was run. v BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error - 11.4.2013 2:06:42 | Computer Name = AMD-Vision-PC | Source = BstHdAndroidSvc | ID = 0
Description = Službu nelze spustit. System.ApplicationException: Cannot start service.
Service did not stop gracefully the last time it was run. v BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error - 11.4.2013 2:11:52 | Computer Name = AMD-Vision-PC | Source = BstHdAndroidSvc | ID = 0
Description = Službu nelze spustit. System.ApplicationException: Cannot start service.
Service did not stop gracefully the last time it was run. v BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
[ System Events ]
Error - 11.4.2013 0:51:29 | Computer Name = AMD-Vision-PC | Source = Service Control Manager | ID = 7023
Description = Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064
Error - 11.4.2013 0:51:58 | Computer Name = AMD-Vision-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 11.4.2013 1:15:41 | Computer Name = AMD-Vision-PC | Source = DCOM | ID = 10010
Description =
Error - 11.4.2013 2:06:36 | Computer Name = AMD-Vision-PC | Source = Microsoft-Windows-TaskScheduler | ID = 413
Description = Službě Plánovač úloh se při spuštění nepodařilo načíst úlohy. Další
údaje: Hodnota chyby: 2147942402
Error - 11.4.2013 2:06:42 | Computer Name = AMD-Vision-PC | Source = Service Control Manager | ID = 7023
Description = Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064
Error - 11.4.2013 2:07:32 | Computer Name = AMD-Vision-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 11.4.2013 2:10:37 | Computer Name = AMD-Vision-PC | Source = DCOM | ID = 10010
Description =
Error - 11.4.2013 2:11:25 | Computer Name = AMD-Vision-PC | Source = Microsoft-Windows-TaskScheduler | ID = 413
Description = Službě Plánovač úloh se při spuštění nepodařilo načíst úlohy. Další
údaje: Hodnota chyby: 2147942402
Error - 11.4.2013 2:11:52 | Computer Name = AMD-Vision-PC | Source = Service Control Manager | ID = 7023
Description = Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064
Error - 11.4.2013 2:12:02 | Computer Name = AMD-Vision-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Users\AMD-Vision\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,48 Gb Total Physical Memory | 5,46 Gb Available Physical Memory | 73,07% Memory free
15,48 Gb Paging File | 13,33 Gb Available in Paging File | 86,12% Paging File free
Paging file location(s): c:\pagefile.sys 8192 12216 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 117,09 Gb Total Space | 19,52 Gb Free Space | 16,67% Space Free | Partition Type: NTFS
Drive D: | 348,57 Gb Total Space | 41,13 Gb Free Space | 11,80% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 18,87 Gb Free Space | 6,33% Space Free | Partition Type: NTFS
Computer Name: AMD-VISION-PC | User Name: AMD-Vision | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.js [@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1EFDF266-C498-49BC-B674-A495D0E6363A}" = rport=139 | protocol=6 | dir=out | app=system |
"{20C76B88-6DF4-4528-9AEE-A865F08DC7F4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4291DCD8-39E0-46B9-8FF8-9E06E309FF49}" = rport=137 | protocol=17 | dir=out | app=system |
"{509D3EE0-AD6B-4B3F-98C3-501EA0CA84BC}" = lport=139 | protocol=6 | dir=in | app=system |
"{66113ECB-7677-4750-9C76-6DB0F02ED15D}" = lport=138 | protocol=17 | dir=in | app=system |
"{67930EDE-7D73-46A0-B8AF-40C10309E888}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8FAFEDEC-320D-4A0E-877C-188532BB0EC5}" = lport=445 | protocol=6 | dir=in | app=system |
"{A131D3EE-4C5D-4E42-AA16-1E07577F6FB8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{AE111B90-37F8-47F9-BF01-02A6CFAAA876}" = rport=445 | protocol=6 | dir=out | app=system |
"{AE93121D-6C89-45E8-8AAA-7C28FC82EDC5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DC12F57C-F7F5-45D4-85C0-CE59E394BD2B}" = rport=138 | protocol=17 | dir=out | app=system |
"{EBA40B7D-48E2-401A-AFF9-3E78B1398D99}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09C7D6D4-4768-40B0-B363-1184646A2F54}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero mediahome 4\nmmediaserverservice.exe |
"{0E87F0BF-0AC3-4820-8B56-A8D9CD908CBE}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{1224A8D0-036B-4E3F-8777-87191252ECE5}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{1606AEA5-5F29-46D5-B3A2-41E7759F01B2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1AC06E23-392F-4F51-8AA3-64D164C9EE83}" = protocol=6 | dir=in | app=c:\program files (x86)\goforfiles\goforfiles.exe |
"{22A6D362-4D8E-4B45-8C1D-01628A74E0CD}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{2452AF69-50BA-499A-8A39-DE56916D6566}" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia 3.5\totalmedia.exe |
"{2C732FD0-AA8B-4A02-98B2-9CDE030ACB2E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3469376C-863F-4229-9A97-796A93C10DB2}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |
"{36A2918F-24CF-4883-B7D5-E04854BBDF33}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{3C1A91D9-5488-43F1-9668-A69D9A23BADB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3F6D6FBB-32DF-469E-A4A4-68C66F295FDA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{416E8B05-E7EE-4CFD-968C-A15CB9055289}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{46E71F79-3601-447B-BD03-754C802AE200}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{56CD651D-0DEA-4C3F-B1E0-E8DF454C37A2}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{5BB3D2F8-BC6A-417D-8D64-4F131C17C215}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{65FF5C6A-4FA4-4E59-94D8-6B507B99719B}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{66FAC39F-239A-4C6C-97C5-B84237F822C6}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{72CD0077-6EC2-4DBA-81C6-B9906ECE603B}" = protocol=6 | dir=in | app=c:\program files (x86)\goforfiles\goforfilesdl.exe |
"{750E4DDE-45FD-465B-B618-8E15850EAE46}" = protocol=17 | dir=in | app=c:\program files (x86)\goforfiles\goforfiles.exe |
"{76284ABE-59F4-4A7D-AE71-1B78B97083DF}" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia 3.5\totalmedia.exe |
"{7AD2A702-78E5-41E4-9A67-4BFEC272738F}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |
"{81336D92-F90D-41CC-9C1A-B995C3F22018}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8414E1F2-EE92-4CC0-B541-BE32647206B5}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\rm.exe |
"{90419BB7-1CDE-40D2-B161-F90F228803BC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{90BAEE89-6366-4C2E-9229-43B43692C796}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\studio.exe |
"{9D029752-B589-466E-8219-3943D6091BAC}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\umi.exe |
"{9DD3956D-8E93-4AF5-8C2F-E1C580E15A09}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\studio.exe |
"{A08F3E3D-CEAD-4331-AB39-C20CDADA7B9C}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |
"{A1DA5759-9A1E-4683-8763-0F3E42F676AC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A37D0091-7A07-4AA8-BE1C-802C5C033D98}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\rm.exe |
"{A5C96AB6-DB23-4402-B8CE-CE89EE45DF09}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{A95957DB-949B-4A5B-875E-AD33E5653A01}" = protocol=17 | dir=in | app=c:\program files (x86)\goforfiles\goforfilesdl.exe |
"{B11BA0F5-71B7-4876-A4AD-C86CD52DEC07}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{B6941CD0-2C0A-4EE1-ABF8-03281D7FF22C}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero mediahome 4\nmmediaserverservice.exe |
"{B91D7627-9626-4D89-BAC0-E0494A7E38AD}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\umi.exe |
"{C1117CD5-76E1-46D8-B0BF-5564CE47449A}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{CF993794-A1BC-43A9-8420-36B7B06DAEB6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D548F9F2-12B2-4E85-8CED-553B613B7B3E}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{DBC96262-7D1D-4C03-8ACF-4C9FD9536E95}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E30C5BE3-FCA8-45EE-BC14-2C9025DA83BE}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{F1F196E9-3C23-4624-BFB4-D135A1E400FE}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |
"{F42CEC95-7C27-4A71-BDE0-470B7FF0D7FA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F68E6594-1E4D-4CC6-8DE1-73E2E1EB1A5B}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{FD5C93C6-D519-40F5-A8C1-5D301D6E82C8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{52ADF15A-EDEF-4CE3-A48B-652CCAFD3F28}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{63276F28-BB6E-457C-ACCF-E057A90137FB}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
"TCP Query User{932EE636-32EE-432C-BA9F-815476C90545}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{F9BCD99E-C7A2-400D-947C-C9A5F6129568}C:\program files (x86)\pro evolution soccer 2013\pes2013.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pro evolution soccer 2013\pes2013.exe |
"UDP Query User{03DB6C9D-2EE7-4EA7-BF34-C7AEF782D1C6}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{1CD8C092-D71D-4767-83D1-9200D737BB76}C:\program files (x86)\pro evolution soccer 2013\pes2013.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pro evolution soccer 2013\pes2013.exe |
"UDP Query User{255DBF38-1619-4B4C-BB13-94348CE7D323}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{ADBEAED5-DD59-4C0A-B48B-AEC6EFFD35C2}C:\program files\java\jre7\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\frd.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86417003FF}" = Java(TM) 7 Update 3 (64-bit)
"{41968390-377D-0119-5AA9-755B8AF0DA80}" = ccc-utility64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AE196FD4-5109-21C4-6B2D-C8B60E188EC7}" = AMD Catalyst Install Manager
"{BA3E917A-7DBE-4760-7407-BD6E0EB3CFB2}" = AMD Fuel
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"ASRock App Charger_is1" = ASRock App Charger v1.0.5
"BC15EA930074932BB2C4B4493C9FD4EA95087D1A" = Balíček ovladače systému Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"CCleaner" = CCleaner
"ContinueToSave" = ContinueToSave
"KLiteCodecPack64_is1" = K-Lite Codec Pack 9.1.0 (64-bit)
"MediaInfo" = MediaInfo 0.7.61
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 4.11 (64-bit)
"ZonerPhotoStudio14_CZ_is1" = Zoner Photo Studio 14
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B5F055F-0D34-C0E0-7E34-45789E958BCE}" = CCC Help English
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{118cdc1a-4311-460c-b3c4-b8a734baa4cc}" = Nero MediaHome 4 Essentials
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{16F4BFFB-6A79-7A40-A591-23C63FC4D595}" = Catalyst Control Center Localization All
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{23A7D2CE-1A04-41D6-96A9-65D897E86DC2}" = CCC Help Czech
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}" = ArcSoft TotalMedia 3.5
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{34E23470-E328-BFCD-B3EF-E6E74E87FEDD}" = AMD VISION Engine Control Center
"{3A1EBEF3-9BDC-FFCD-8144-265FD2FD1D33}" = CCC Help Swedish
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{42F965F4-EABA-A9E4-C4B6-38C12EC34FBC}" = CCC Help Polish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E8EDE0A-E97B-2475-BF6B-C8FEEC4F4482}" = CCC Help Thai
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{66E4187B-991A-A4BE-933B-08B3BEBC0EE6}" = CCC Help Chinese Standard
"{69FC3B9A-4149-43DB-A557-6ED0C8D8BA44}" = Nero MediaHome 4 Help
"{6bd5b2e2-5ce2-4e33-bc9f-0201eccf5e64}_is1" = Certified Toolbar 2.1
"{6EB3C538-B9B8-F2BB-AEC4-865AC2DF2EE0}" = CCC Help Finnish
"{70F9C054-B713-B704-2E37-7F78439D5FA8}" = CCC Help Turkish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716A2D35-F0D5-3BE4-D02A-0C0A2FCDF7BB}" = CCC Help Danish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75569133-FD58-4F54-B622-9193EC7B6000}" = LITTLEST PET SHOP
"{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7
"{774C0434-9948-4DEE-A14E-69CDD316E36C}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7CEED00F-11AC-9C5C-F500-AF86D4C67E40}" = Catalyst Control Center Profiles Mobile
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{831C848D-F785-F9AF-693B-9BD2C9ED5D0B}" = CCC Help Portuguese
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84374801-0EEE-9A50-6F79-17E2057CC6C9}" = CCC Help Korean
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8F10F574-9C09-CEE0-DCC9-317DB01190FC}" = Catalyst Control Center InstallProxy
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Ultra Edition
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{98097DB0-38DE-E2E8-D8F2-97F2816D5D4A}" = CCC Help Russian
"{99EF387E-633E-4CFB-BFA3-AB961B685DDF}" = Nero MediaHome 4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3B31093-3C8E-3D69-A4EF-2EA950720590}" = CCC Help Japanese
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Czech
"{AD053B60-BC7C-D749-0D5B-4ADE932AF931}" = CCC Help Hungarian
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3583D27-C12A-483E-98B8-235506F71502}" = TMNT
"{B810D852-DFD6-PES13-89A5-CC4D47756DAF}_is1" = Pro Evolution Soccer 2013 version 5.1
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C1C6816E-CBB3-A748-85F9-A8B47B68985B}" = continuetosave
"{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}" = Pro Evolution Soccer 2013
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CD9D0827-A6D6-4E2C-B31E-23F01577E27B}" = BlueStacks Notification Center
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3D3A52A-BD2B-BC1E-903F-A47E00F31AF8}" = CCC Help Greek
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D541F7BE-3CAC-18C6-43B3-CEAEA5887296}" = CCC Help French
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D93CC12C-4C40-C463-3463-9E025C277D3C}" = CCC Help Italian
"{DBCB47B1-235E-C4A8-C481-DDA01B49C9A7}" = CCC Help Spanish
"{DD899638-B3F5-A6D0-E263-44D5704A080C}" = CCC Help German
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F5C372A1-40F3-49DA-A049-F75CDE9177DC}" = Pinnacle Studio Ultimate Collection Plugins
"{FAEA976B-4C36-141F-C7D8-889E0B067CE0}" = CCC Help Chinese Traditional
"{FCF0E04F-B459-61BE-66B5-B7D02112605F}" = CCC Help Dutch
"{FE7989B2-9F10-977F-3ABD-AF441E38AA41}" = CCC Help Norwegian
"1ClickDownload" = LSHunterTVApp
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ASRock eXtreme Tuner_is1" = ASRock eXtreme Tuner v0.1.94
"Bee Adventure_is1" = Bee Adventure
"BFGC" = Big Fish Games: Game Manager
"BFG-Campgrounds" = Campgrounds
"BFG-Cooking Academy 3 - Recipe for Success" = Cooking Academy 3: Recipe for Success
"BFG-Jack of All Tribes" = Jack of All Tribes
"BFG-Jet Set Go" = Jet Set Go
"BlueStacks App Player" = BlueStacks App Player
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"DVDFab 8 Qt_is1" = DVDFab 8.1.9.0 (06/07/2012) Qt
"FLV to AVI MPEG WMV 3GP MP4 iPod Converter" = FLV to AVI MPEG WMV 3GP MP4 iPod Converter
"Google Chrome" = Google Chrome
"GotClip" = GotClip Downloader
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"IT9130 DriverInstaller_11.4.26.1" = IT9130 Driver v11.4.26.1
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.1.0
"Knoll Light Factory EZ Studio" = Knoll Light Factory EZ Studio
"Labužníkův ráj: Zvířecí apetit" = Labužníkův ráj: Zvířecí apetit
"Magic Bullet Looks Studio" = Magic Bullet Looks Studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Mozilla Firefox 19.0.2 (x86 cs)" = Mozilla Firefox 19.0.2 (x86 cs)
"Mozilla Thunderbird (3.1.10)" = Mozilla Thunderbird (3.1.10)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Můj život na farmě 2" = Můj život na farmě 2
"Opera 12.14.1738" = Opera 12.14
"Pán počasí" = Pán počasí
"PowerArchiver 2012 13.02.02" = PowerArchiver 2012
"Protected Search_is1" = Protected Search 1.1
"Red Giant ToonIt Studio" = Red Giant ToonIt Studio
"Smart Defrag 2_is1" = Smart Defrag 2
"Sniper Elite V2_is1" = Sniper Elite V2
"SP_ccfde35c" = Search Assistant SimpleSpeedy 1.74
"SP_e14dcdfa" = ContinueToSave 1.74
"Strašidelná panství" = Strašidelná panství
"Taneční horečka" = Taneční horečka
"Trapcode 3DStroke Studio" = Trapcode 3DStroke Studio
"Trapcode Particular Studio" = Trapcode Particular Studio
"Trapcode Shine Studio" = Trapcode Shine Studio
"uTorrent" = µTorrent
"Veselý šéfkuchař" = Veselý šéfkuchař
"VLC media player" = VLC media player 2.0.3
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"XFastUsb" = XFastUsb
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4150456642-3383372601-3730963037-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GoforFiles" = GoforFiles
"SeznamInstall" = Seznam Software
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 9.4.2013 18:29:44 | Computer Name = AMD-Vision-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 9.4.2013 18:29:44 | Computer Name = AMD-Vision-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 9.4.2013 18:29:44 | Computer Name = AMD-Vision-PC | Source = Windows Search Service | ID = 3028
Description =
Error - 9.4.2013 18:29:44 | Computer Name = AMD-Vision-PC | Source = Windows Search Service | ID = 3058
Description =
Error - 9.4.2013 18:29:44 | Computer Name = AMD-Vision-PC | Source = Windows Search Service | ID = 7010
Description =
Error - 10.4.2013 2:50:04 | Computer Name = AMD-Vision-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 10.4.2013 6:06:25 | Computer Name = AMD-Vision-PC | Source = BstHdAndroidSvc | ID = 0
Description = Službu nelze spustit. System.ApplicationException: Cannot start service.
Service did not stop gracefully the last time it was run. v BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error - 10.4.2013 10:21:45 | Computer Name = AMD-Vision-PC | Source = BstHdAndroidSvc | ID = 0
Description = Službu nelze spustit. System.ApplicationException: Cannot start service.
Service did not stop gracefully the last time it was run. v BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error - 11.4.2013 0:51:29 | Computer Name = AMD-Vision-PC | Source = BstHdAndroidSvc | ID = 0
Description = Službu nelze spustit. System.ApplicationException: Cannot start service.
Service did not stop gracefully the last time it was run. v BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error - 11.4.2013 2:06:42 | Computer Name = AMD-Vision-PC | Source = BstHdAndroidSvc | ID = 0
Description = Službu nelze spustit. System.ApplicationException: Cannot start service.
Service did not stop gracefully the last time it was run. v BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error - 11.4.2013 2:11:52 | Computer Name = AMD-Vision-PC | Source = BstHdAndroidSvc | ID = 0
Description = Službu nelze spustit. System.ApplicationException: Cannot start service.
Service did not stop gracefully the last time it was run. v BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
[ System Events ]
Error - 11.4.2013 0:51:29 | Computer Name = AMD-Vision-PC | Source = Service Control Manager | ID = 7023
Description = Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064
Error - 11.4.2013 0:51:58 | Computer Name = AMD-Vision-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 11.4.2013 1:15:41 | Computer Name = AMD-Vision-PC | Source = DCOM | ID = 10010
Description =
Error - 11.4.2013 2:06:36 | Computer Name = AMD-Vision-PC | Source = Microsoft-Windows-TaskScheduler | ID = 413
Description = Službě Plánovač úloh se při spuštění nepodařilo načíst úlohy. Další
údaje: Hodnota chyby: 2147942402
Error - 11.4.2013 2:06:42 | Computer Name = AMD-Vision-PC | Source = Service Control Manager | ID = 7023
Description = Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064
Error - 11.4.2013 2:07:32 | Computer Name = AMD-Vision-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 11.4.2013 2:10:37 | Computer Name = AMD-Vision-PC | Source = DCOM | ID = 10010
Description =
Error - 11.4.2013 2:11:25 | Computer Name = AMD-Vision-PC | Source = Microsoft-Windows-TaskScheduler | ID = 413
Description = Službě Plánovač úloh se při spuštění nepodařilo načíst úlohy. Další
údaje: Hodnota chyby: 2147942402
Error - 11.4.2013 2:11:52 | Computer Name = AMD-Vision-PC | Source = Service Control Manager | ID = 7023
Description = Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064
Error - 11.4.2013 2:12:02 | Computer Name = AMD-Vision-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
< End of report >
Re: Vir "Váš počítač je zablokován" - dočištění
Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze 
Ta zaloha cracknuteho ESETu se mi vubec nelibi Vidim tam MBAM. Nachazi neco pri kompletni kontrole? Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Prohledat a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Vir "Váš počítač je zablokován" - dočištění
# AdwCleaner v2.200 - Log vytvooen 12/04/2013 v 09:20:32
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Windows 7 Ultimate Service Pack 1 (64 bits)
# Uživatel : AMD-Vision - AMD-VISION-PC
# Spuštin systém : Normální
# Spuštino z : D:\Users\AMD-Vision\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Program Files (x86)\Ask.com
Složka Nalezeno : C:\Program Files (x86)\continuetosave
Složka Nalezeno : C:\ProgramData\Ask
Složka Nalezeno : C:\ProgramData\continuetosave
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\continuetosave
Složka Nalezeno : C:\Users\AMD-Vision\AppData\LocalLow\CertifiedToolbar
Složka Nalezeno : C:\Users\AMD-Vision\AppData\LocalLow\simplytech
Složka Nalezeno : C:\Windows\Installer\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Složka Nalezeno : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registry] *****
Data Nalezeno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\contin~1\sprote~1.dll
Data Nalezeno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\simple~1\sprote~1.dll
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Klíe Nalezeno : HKCU\Software\1ClickDownload
Klíe Nalezeno : HKCU\Software\APN
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\AskToolbar
Klíe Nalezeno : HKCU\Software\AppDataLow\SProtector
Klíe Nalezeno : HKCU\Software\Ask.com
Klíe Nalezeno : HKCU\Software\Complitly
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99D9A734-954F-8613-F84D-6EE9DDB6A7BA}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99D9A734-954F-8613-F84D-6EE9DDB6A7BA}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\ProtectedSearch
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\Software\APN
Klíe Nalezeno : HKLM\Software\AskToolbar
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\CertifiedToolbar.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Klíe Nalezeno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\254796BF4AC84B64891B61C529A2E23F
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\547B38670606DF14AA57B0BB83F3AE4D
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\254796BF4AC84B64891B61C529A2E23F
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\547B38670606DF14AA57B0BB83F3AE4D
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.Band
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.Band.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\ContinueToSave_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\ContinueToSave_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Klíe Nalezeno : HKLM\Software\SimplyGen
Klíe Nalezeno : HKLM\Software\SP Global
Klíe Nalezeno : HKLM\Software\SProtector
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99D9A734-954F-8613-F84D-6EE9DDB6A7BA}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99D9A734-954F-8613-F84D-6EE9DDB6A7BA}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{774C0434-9948-4DEE-A14E-69CDD316E36C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Nalezeno : HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16537
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - (Default)] = hxxp://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
-\\ Mozilla Firefox v19.0.2 (cs)
Soubor : C:\Users\AMD-Vision\AppData\Roaming\Mozilla\Firefox\Profiles\tobv71r9.default-1349848874682\prefs.js
Nalezeno : user_pref("aol_toolbar.default.homepage.check", false);
Nalezeno : user_pref("aol_toolbar.default.search.check", false);
Nalezeno : user_pref("browser.search.defaultengine", "Web Search");
Nalezeno : user_pref("browser.search.defaultenginename", "WebSearch");
Nalezeno : user_pref("browser.search.defaultenginename,S", "WebSearch");
Nalezeno : user_pref("browser.search.defaulturl", "hxxp://websearch.simplespeedy.info/?l=1&q=");
Nalezeno : user_pref("browser.search.order.1", "WebSearch");
Nalezeno : user_pref("browser.search.order.1,S", "WebSearch");
Nalezeno : user_pref("browser.search.selectedEngine,S", "WebSearch");
Nalezeno : user_pref("extensions.5079f814d60bd.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Nalezeno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Nalezeno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Nalezeno : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Nalezeno : user_pref("extensions.asktb.cbid", "^8E");
Nalezeno : user_pref("extensions.asktb.crumb", "2013.03.23+02.48.26-toolbar016iad-CZ-UHJlcm92LEN6ZWNoIFJlcHVibG[...]
Nalezeno : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l[...]
Nalezeno : user_pref("extensions.asktb.dtid", "^YYYYYY^M2^CZ");
Nalezeno : user_pref("extensions.asktb.guid", "08F80487-0511-4518-A5AC-98F38BC765F1");
Nalezeno : user_pref("extensions.asktb.if", "first");
Nalezeno : user_pref("extensions.asktb.l", "dis");
Nalezeno : user_pref("extensions.asktb.locale", "en_EU");
Nalezeno : user_pref("extensions.asktb.location", "Prerov,Czech Republic");
Nalezeno : user_pref("extensions.asktb.o", "41647997");
Nalezeno : user_pref("extensions.asktb.qsrc", "2871");
Nalezeno : user_pref("extensions.asktb.sa", "NO");
Nalezeno : user_pref("extensions.asktb.search-suggestions-enabled", false);
Nalezeno : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Nalezeno : user_pref("extensions.asktb.themeid", "");
Nalezeno : user_pref("extensions.asktb.to", "");
Nalezeno : user_pref("extensions.asktb.version", "5.12.2.16749");
Nalezeno : user_pref("extensions.enabledAddons", "%7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.15,toolbar%40a[...]
Nalezeno : user_pref("keyword.URL", "hxxp://websearch.simplespeedy.info/?l=1&q=");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Nalezeno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Nalezeno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.enable", "");
-\\ Google Chrome v26.0.1410.64
Soubor : C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
-\\ Opera v12.14.1738.0
Soubor : C:\Users\AMD-Vision\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [16896 octets] - [12/04/2013 09:18:32]
AdwCleaner[R2].txt - [16809 octets] - [12/04/2013 09:20:32]
AdwCleaner[S1].txt - [18762 octets] - [09/04/2013 23:57:07]
########## EOF - C:\AdwCleaner[R2].txt - [16931 octets] ##########
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Windows 7 Ultimate Service Pack 1 (64 bits)
# Uživatel : AMD-Vision - AMD-VISION-PC
# Spuštin systém : Normální
# Spuštino z : D:\Users\AMD-Vision\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Program Files (x86)\Ask.com
Složka Nalezeno : C:\Program Files (x86)\continuetosave
Složka Nalezeno : C:\ProgramData\Ask
Složka Nalezeno : C:\ProgramData\continuetosave
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\continuetosave
Složka Nalezeno : C:\Users\AMD-Vision\AppData\LocalLow\CertifiedToolbar
Složka Nalezeno : C:\Users\AMD-Vision\AppData\LocalLow\simplytech
Složka Nalezeno : C:\Windows\Installer\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Složka Nalezeno : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registry] *****
Data Nalezeno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\contin~1\sprote~1.dll
Data Nalezeno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\simple~1\sprote~1.dll
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Klíe Nalezeno : HKCU\Software\1ClickDownload
Klíe Nalezeno : HKCU\Software\APN
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\AskToolbar
Klíe Nalezeno : HKCU\Software\AppDataLow\SProtector
Klíe Nalezeno : HKCU\Software\Ask.com
Klíe Nalezeno : HKCU\Software\Complitly
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99D9A734-954F-8613-F84D-6EE9DDB6A7BA}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99D9A734-954F-8613-F84D-6EE9DDB6A7BA}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\ProtectedSearch
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\Software\APN
Klíe Nalezeno : HKLM\Software\AskToolbar
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\CertifiedToolbar.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Klíe Nalezeno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\254796BF4AC84B64891B61C529A2E23F
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\547B38670606DF14AA57B0BB83F3AE4D
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\254796BF4AC84B64891B61C529A2E23F
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\547B38670606DF14AA57B0BB83F3AE4D
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.Band
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.Band.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Klíe Nalezeno : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\ContinueToSave_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\ContinueToSave_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Klíe Nalezeno : HKLM\Software\SimplyGen
Klíe Nalezeno : HKLM\Software\SP Global
Klíe Nalezeno : HKLM\Software\SProtector
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99D9A734-954F-8613-F84D-6EE9DDB6A7BA}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99D9A734-954F-8613-F84D-6EE9DDB6A7BA}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{774C0434-9948-4DEE-A14E-69CDD316E36C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Nalezeno : HKU\S-1-5-21-4150456642-3383372601-3730963037-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16537
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - (Default)] = hxxp://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
-\\ Mozilla Firefox v19.0.2 (cs)
Soubor : C:\Users\AMD-Vision\AppData\Roaming\Mozilla\Firefox\Profiles\tobv71r9.default-1349848874682\prefs.js
Nalezeno : user_pref("aol_toolbar.default.homepage.check", false);
Nalezeno : user_pref("aol_toolbar.default.search.check", false);
Nalezeno : user_pref("browser.search.defaultengine", "Web Search");
Nalezeno : user_pref("browser.search.defaultenginename", "WebSearch");
Nalezeno : user_pref("browser.search.defaultenginename,S", "WebSearch");
Nalezeno : user_pref("browser.search.defaulturl", "hxxp://websearch.simplespeedy.info/?l=1&q=");
Nalezeno : user_pref("browser.search.order.1", "WebSearch");
Nalezeno : user_pref("browser.search.order.1,S", "WebSearch");
Nalezeno : user_pref("browser.search.selectedEngine,S", "WebSearch");
Nalezeno : user_pref("extensions.5079f814d60bd.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Nalezeno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Nalezeno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Nalezeno : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Nalezeno : user_pref("extensions.asktb.cbid", "^8E");
Nalezeno : user_pref("extensions.asktb.crumb", "2013.03.23+02.48.26-toolbar016iad-CZ-UHJlcm92LEN6ZWNoIFJlcHVibG[...]
Nalezeno : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l[...]
Nalezeno : user_pref("extensions.asktb.dtid", "^YYYYYY^M2^CZ");
Nalezeno : user_pref("extensions.asktb.guid", "08F80487-0511-4518-A5AC-98F38BC765F1");
Nalezeno : user_pref("extensions.asktb.if", "first");
Nalezeno : user_pref("extensions.asktb.l", "dis");
Nalezeno : user_pref("extensions.asktb.locale", "en_EU");
Nalezeno : user_pref("extensions.asktb.location", "Prerov,Czech Republic");
Nalezeno : user_pref("extensions.asktb.o", "41647997");
Nalezeno : user_pref("extensions.asktb.qsrc", "2871");
Nalezeno : user_pref("extensions.asktb.sa", "NO");
Nalezeno : user_pref("extensions.asktb.search-suggestions-enabled", false);
Nalezeno : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Nalezeno : user_pref("extensions.asktb.themeid", "");
Nalezeno : user_pref("extensions.asktb.to", "");
Nalezeno : user_pref("extensions.asktb.version", "5.12.2.16749");
Nalezeno : user_pref("extensions.enabledAddons", "%7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.15,toolbar%40a[...]
Nalezeno : user_pref("keyword.URL", "hxxp://websearch.simplespeedy.info/?l=1&q=");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Nalezeno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Nalezeno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.enable", "");
-\\ Google Chrome v26.0.1410.64
Soubor : C:\Users\AMD-Vision\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
-\\ Opera v12.14.1738.0
Soubor : C:\Users\AMD-Vision\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [16896 octets] - [12/04/2013 09:18:32]
AdwCleaner[R2].txt - [16809 octets] - [12/04/2013 09:20:32]
AdwCleaner[S1].txt - [18762 octets] - [09/04/2013 23:57:07]
########## EOF - C:\AdwCleaner[R2].txt - [16931 octets] ##########
Re: Vir "Váš počítač je zablokován" - dočištění
Eset jsem smazal.
Výpis z Malwarebytes Anti-Malware:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2013.04.12.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
AMD-Vision :: AMD-VISION-PC [administrátor]
Ochrana: Zakázána
12.4.2013 8:07:37
MBAM-log-2013-04-12 (09-13-49).txt
Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 440741
Uplynulý čas: 56 minut, 50 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GotClip (PUP.Adware.Gotclip.ScamLotto) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 3
C:\Program Files (x86)\GotClip\Uninstall.exe (PUP.Adware.Gotclip.ScamLotto) -> Nebyla provedena žádná instrukce.
C:\Users\AMD-Vision\AppData\Roaming\uTorrent\FLV to AVI MPEG WMV 3GP MP4 iPod Converter 5.3.0402 {Full-Version} {blaze69}\FLV to AVI MPEG WMV 3GP MP4 iPod Converter.exe (Trojan.Qhosts) -> Nebyla provedena žádná instrukce.
D:\Zaloha\Program Files\SuperMp3Download\Patch.exe (PUP.Hacktool.Patcher) -> Nebyla provedena žádná instrukce.
(konec)
Výpis z Malwarebytes Anti-Malware:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2013.04.12.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
AMD-Vision :: AMD-VISION-PC [administrátor]
Ochrana: Zakázána
12.4.2013 8:07:37
MBAM-log-2013-04-12 (09-13-49).txt
Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 440741
Uplynulý čas: 56 minut, 50 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GotClip (PUP.Adware.Gotclip.ScamLotto) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 3
C:\Program Files (x86)\GotClip\Uninstall.exe (PUP.Adware.Gotclip.ScamLotto) -> Nebyla provedena žádná instrukce.
C:\Users\AMD-Vision\AppData\Roaming\uTorrent\FLV to AVI MPEG WMV 3GP MP4 iPod Converter 5.3.0402 {Full-Version} {blaze69}\FLV to AVI MPEG WMV 3GP MP4 iPod Converter.exe (Trojan.Qhosts) -> Nebyla provedena žádná instrukce.
D:\Zaloha\Program Files\SuperMp3Download\Patch.exe (PUP.Hacktool.Patcher) -> Nebyla provedena žádná instrukce.
(konec)
Re: Vir "Váš počítač je zablokován" - dočištění
Na jednu otazku jste neodpovedel. Omylem, nebo schvalne? 
Márty84 píše:
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?