Zdravim chtěl bch tatkovi pročistit notebook.Je pomaly spravce uloh ukazuje 86 pocesu. Na internetu vyskakuji okna.
přikladam log
Logfile of random's system information tool 1.10 (written by random/random)
Run by Moris Jan at 2014-08-22 13:01:56
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 100 GB (34%) free of 297 GB
Total RAM: 1790 MB (37% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:03:23, on 22.8.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16563)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Nero\Tools\InCD\NBHGui.exe
C:\Program Files\Nero\Tools\InCD\InCD.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\program files\thetorntv v10\thetorntv v10-bg.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_145_ActiveX.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7ROPBN6\RSIT.exe
C:\Program Files\trend micro\Moris Jan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1379171263
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www2.inbox.com/search/dispatcher ... &%language
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1379171263
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1379171263
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qvo6.com/web/?utm_source= ... 1379171263
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.qvo6.com/web/?utm_source= ... 1379171263
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: CrossriderApp0061855 - {11111111-1111-1111-1111-110611181155} - C:\Program Files\TheTorntv V10\TheTorntv V10-bho.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (file missing)
O2 - BHO: RewardsArcadeSuite - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files\RewardsArcadeSuite\RewardsArcadeSuite.dll
O2 - BHO: cenbho32.TCentrumCZBHOObject - {C91BA35D-6516-489F-A203-2992ED9A4132} - C:\Program Files\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Lišta Centrum.cz - {5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - C:\Program Files\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NBHGui] C:\Program Files\Nero\Tools\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Tools\InCD\InCD.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... 732de4b468
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - (no file)
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - (no file)
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - (no file)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Amazon\AMAZON~1\\AMAZON~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDSrv) - Nero AG - C:\Program Files\Nero\Tools\InCD\InCDSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 13045 bytes
======Scheduled tasks folder======
C:\Windows\tasks\15f435f1-08a6-4eb3-a7b1-3160913a53ab-1.job - C:\Program Files\TheTorntv V10\TheTorntv V10-codedownloader.exe /ARGoAOwN /wfGEoLQB=task /GQQsLkHHf='TheTorntv V10' /GdQeo=61855 /NaafkwC='001823' /duizlkZc='0' /PepKxhxx='0' /IKcgB=BE0896CE0051430E8C842EC28FAE5D20IE /xGRrNffF=210f09feba8f79a898cc902e7745bfd6 /GhtkXzDLm=1_34_07_01 /SLXCxEuez=1.34.7.1 /qLytFpJ=1406278691 /FQDVdSQU=http://stats.infodatacloud.com /hfkqSKX=http://errors.infodatacloud.com /VqCCHUDnH=http://cr.install-daddy.com /oaRkGWqRm=ff /eHXdyWwA='TheTorntv V10' /aqowXnBc=http://cr.install-daddy.com /vXWcADE /KhmPADjBg='{"asw":[1, -2038431739, 0]}' /zSHmDC='http://update.infodatacloud.com/ie_code ... pdate.json' /wfGEoLQB='task' /OgJZENyUj=''
C:\Windows\tasks\15f435f1-08a6-4eb3-a7b1-3160913a53ab-11.job - C:\Program Files\TheTorntv V10\15f435f1-08a6-4eb3-a7b1-3160913a53ab-11.exe /uWwqGqzvQ=VnxGaO/2/GwJ9xfEa3/ZN4Pe7nLqtlhPCqjr7OrM1F2Zis4dAxDRRQQncsK77vUSvvn3rf2ccLqhvTr5nkxvQXD8w5VAdptvMPREUZswSFI+HSnrYKPGlaA8+AGJdC9Hlc9ubITfhBiL9N00BKf+dEvInJ/8/PDhdJaSwcbfMz0guHzme/szU+CXu3lAufKyPrGFbs9+bdMIaq/YNoVFJUgKRYsySXGQz5BD8d5UKtqBffKK7TtZHpk5xd79jF+RzsEDpU1bpQtLEs+zMlrGOkofRwtw3z4a5NRiCYb476O/pDpGqJ/v04igenqFuYDg6zLaWb0ld6W7gE5efnta3JOvqqPaeUduHXpT3Hkdpnp5z28GO1JDU16/zSEoMF4n8Ae7ceVi2zFeg9ph2syQ/SfJXEfwHtoR6TkWfMut0P/CaD5COKdyH8uv6RfFE6CS6eKKAskXsdh7ddFcmPIN+nBHedQFnGtpH9Zv1DSkylL5qL7/kOdVVsSWOYsFO4acJPWoqm1MvRhBoJv+9oVIDeThUVjWxslSFPhA1M/3COcJpGMn2VHNSyvOe/ViCxNI2QKP9Aody9HHPQ5yHEIkizbDRryijKfoBlx3yXKUr0nQ9HCF3PUXzC0zBjC7wcXJcoyZ3CfRpbGytsDqahKByFzNY8r3h2mswhf/UDHjlOQvhyGd2rWXEppTJF3jUoPLkNtlUgo43Lih9YgHbE2wpe/IDE6R5whxdbwR7I4V+AYb1E2LBUJ9iE6HfH2kHFza+3Q6I8VMzG7uTx1SRyNWXbbaziIJW0w20d3LBLxUZ05h4EMPc+O5DLg/7ZCDX9QznjpBr9YcV5Ju9QDa/8Q+qhAhF4yU1ljXgCjFDqRKeA/jSyI1o72k4fpyjPWFIN6qQTycKx6AQKC64gGLmEgZj9xlCzRbSZUJk87P5LlAnJPSi86VEAukPMvRr7+UZjKa7t2HoFnethe98NBzPRz4smKYU4ZTYV8fjBdxfklHpKiJXBYJHnTz1bkva9kEiyyeSQ5dBRMneIfzw+0857Ot/lv3n8Omtz04kZB6ywR2xdzoprMWS7n2Bvt86BvDxj8EpKg5aw7UI1/U8TUfg/tWR2LHVCVXmW1BGNqnvMuVgkjT/yI7Xiagi+KVwBDgzcRcfw+/UykMy1jMM547U5th6Fw4wFhG/xQ73PJ/4aYcsjFl+objGzmrtcZHTpNL/z9UbQJgYdFzh9gAr5n1rUFmhIQSlSebMmJiVpOBPLfH/kD7AR5ZdJ+Xfm/l5dDK57lc21CEMtx4wPxGkzqAqDzrXeJnD0bxYcU2pUMyirvMzJiYxMpP4gIG2kYQ9eY7jra4h20uvyfhe+vsrn+BsF8mJRkGRB/Gw0UrYSVFpBYEBGL3kVORFPG2sLHJUghyajmd1Yqosh8skZssfLlLhQoRNM9tGLH7bsELIN2T8B8MvzLEuOqFE0UE8zSY+LIyZW1tz6JAuQCYHEC6lNgt4rJcLoxCZcFZtVVYqqpkmghwd9QKN7JZV6J3njemVBl2mpi+pRBM7hUnsSN2fnRuEXEm72MclSSRsCASV/A/CsaTlZTPeCQcyCi7Uq4kEqKtbsBRUayTz7cprUkmcv06E1lLjeAj67P21GQ/W/kOgJwWLEISJpKji5hqpd4EmOkEl0uJxb2+IUJh97fbHA+MSZ2J2wWFFm+d0M52blNQORqbJ2k=
C:\Windows\tasks\15f435f1-08a6-4eb3-a7b1-3160913a53ab-2.job - C:\Program Files\TheTorntv V10\15f435f1-08a6-4eb3-a7b1-3160913a53ab-2.exe /wWZVuuacq /GQQsLkHHf='TheTorntv V10' /GdQeo=61855 /NaafkwC='001823' /duizlkZc='0' /PepKxhxx='0' /IKcgB=BE0896CE0051430E8C842EC28FAE5D20IE /xGRrNffF=210f09feba8f79a898cc902e7745bfd6 /GhtkXzDLm=1_34_07_01 /qLytFpJ=1406278691 /FQDVdSQU=http://stats.infodatacloud.com /hfkqSKX=http://errors.infodatacloud.com /pEaejiX=11111111-1111-1111-1111-110611181155 /oaRkGWqRm=ff /vXWcADE /zSHmDC='http://update.infodatacloud.com/ie_enab ... pdate.json' /wfGEoLQB='task' /OgJZENyUj=''
C:\Windows\tasks\15f435f1-08a6-4eb3-a7b1-3160913a53ab-3.job - C:\Program Files\TheTorntv V10\15f435f1-08a6-4eb3-a7b1-3160913a53ab-3.exe /uWwqGqzvQ=gbZ12N628nI7OnUss1CPK1YHYavapHU2N21usoFj1IXCO1o1OqccHKKmsP3ORAi4hES7Zex43FFbctG4t+XsGed1rmKuTcSWnDZ2OM67eh491aVmuPrU6ivdeUn4ZtxnOhhSIk58zWHOaQ0IzPsQuVOMhuQQ8+IGvvHSUYtdM5KiGCtfP7ZAZ95Un8JNv45uYaDMDFByGCt/1sIYD8JXJ0iwAoKm9xWGs5mRvSzZ+boZEEWl9Y1Jv7CzldKm/rfSGMkadtaO4R2R2nwGmYdFqqKYmJfMJ7l73+LdyY35KJBD3dVhJArKn7Os+UZHSRsapCN3v7rn0z0SCYK2QzrTrC/cEalPhHN43osafr3CuCU+PFWN/3qf9IhuR3OobMIajXmSITR+xg5TXlhmrHNAP81y5edaJA+TgLRc2SfPOvXzUob+IejHYBqVsRw2TKXlqNb5/v7ZJD1+Rzt5lTawvyk2+dmi6GPyPbR9bxjyyGKIFpA8SeLQ8LGox4bl4llFPuq6dhd8pnKrSMO2uVRVG2yT7olTUsSpa8nS55PXJ3vqSVL4NB+uaEkqcxdFkBLZsjcVzwjHH55zmlom0gz5uHcsCUTv9nO3qRD0JkQC9YrRXJQ/+ShnB0dxHnYBX47v36ZHM3M8cwCWWQmg0a3J2xZJ/c0+Wq31TguuN3TlwoAKT7KLpnfPKu/RRDVyz1o4zQOk8/RM4P4OtDMz/NTrv5CLyW2VGzkb5xYiaDo3W41XQPnTP5cHfOmha3VlZ/uApNVo0uREutqMRw9hPRCtc4c0JdimlorOnhAg2E5K101SQ3qX8legfqftOfcVljD2Q7YyJXdN93U5yqwJ4qSTOQHcBAh6o+IsLmNflIGoIU7vvIQTJAHRU6euhUR6+ybcret4JlcctM1rdp6+mxONq1l2lP7AiTfrKBJIHlNy/RRHnseqUiUsQJjs2+NvNxS7njRgxwFBF7jUsLXKonTmUJ5rpJ1mfUsG1eSyFgCWtnXz4efPdDFGHjnFg6pjQwrT
C:\Windows\tasks\15f435f1-08a6-4eb3-a7b1-3160913a53ab-4.job - C:\Program Files\TheTorntv V10\15f435f1-08a6-4eb3-a7b1-3160913a53ab-4.exe /nlEPiYGF /GQQsLkHHf='TheTorntv V10' /faCBeIVvx='C:\Program Files\TheTorntv V10\15f435f1-08a6-4eb3-a7b1-3160913a53ab.xpi' /GdQeo=61855 /NaafkwC='001823' /duizlkZc='0' /PepKxhxx='0' /IKcgB=BE0896CE0051430E8C842EC28FAE5D20IE /xGRrNffF=210f09feba8f79a898cc902e7745bfd6 /GhtkXzDLm=1_34_07_01 /SLXCxEuez=1.34.7.1 /qLytFpJ=1406278691 /FQDVdSQU=http://stats.infodatacloud.com /hfkqSKX=http://errors.infodatacloud.com /dPrrKLd=300 /RbRoaAKOE=44e4876d5886435183fea8e@44f892d6c2ac4a44858c85e3636.com /nOshYcP=0.95 /NkGmMf=a44e4876d5886435183fea8e44f892d6c2ac4a44858c85e3636com61855 /gwUBcTIqH=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /61855.rdf /JIYWmp='TheTorntv V10' /kSNocwmr='The must-have App extensions for Television fans! Watch free TV channels, live sports and more' /fEoeC='esc' /oaRkGWqRm=ff /KhmPADjBg='{"asw":[1, -2038431739, 0]}' /vXWcADE /dhARYxx /jbjQc /zSHmDC='http://update.infodatacloud.com/ff_agen ... pdate.json' /wfGEoLQB='task' /OgJZENyUj=''
C:\Windows\tasks\15f435f1-08a6-4eb3-a7b1-3160913a53ab-5.job - C:\Program Files\TheTorntv V10\15f435f1-08a6-4eb3-a7b1-3160913a53ab-5.exe /SNbADvo /GQQsLkHHf='TheTorntv V10' /GdQeo=61855 /NaafkwC='001823' /duizlkZc='0' /PepKxhxx='0' /IKcgB=BE0896CE0051430E8C842EC28FAE5D20IE /xGRrNffF=210f09feba8f79a898cc902e7745bfd6 /GhtkXzDLm=1_34_07_01 /qLytFpJ=1406278691 /FQDVdSQU=http://stats.infodatacloud.com /hfkqSKX=http://errors.infodatacloud.com /EjkMKv=http://ipgeoapi.com/ /uOxoQya=http://update.infodatacloud.com /UBSVJqA=2 /wridOWN=http://logs.infodatacloud.com /zSHmDC='http://update.infodatacloud.com/updater ... pdate.json' /wfGEoLQB='task' /OgJZENyUj=''
C:\Windows\tasks\15f435f1-08a6-4eb3-a7b1-3160913a53ab-5_user.job - C:\Program Files\TheTorntv V10\15f435f1-08a6-4eb3-a7b1-3160913a53ab-5.exe /SNbADvo /GQQsLkHHf='TheTorntv V10' /GdQeo=61855 /NaafkwC='001823' /duizlkZc='0' /PepKxhxx='0' /IKcgB=BE0896CE0051430E8C842EC28FAE5D20IE /xGRrNffF=210f09feba8f79a898cc902e7745bfd6 /GhtkXzDLm=1_34_07_01 /qLytFpJ=1406278691 /FQDVdSQU=http://stats.infodatacloud.com /hfkqSKX=http://errors.infodatacloud.com /EjkMKv=http://ipgeoapi.com/ /uOxoQya=http://update.infodatacloud.com /UBSVJqA=2 /wridOWN=http://logs.infodatacloud.com /zSHmDC='http://update.infodatacloud.com/updater ... pdate.json' /uTNEtP /wfGEoLQB='task' /OgJZENyUj=''
C:\Windows\tasks\15f435f1-08a6-4eb3-a7b1-3160913a53ab-6.job - C:\Program Files\TheTorntv V10\TheTorntv V10-novainstaller.exe /OhRvDkp /GQQsLkHHf='TheTorntv V10' /GdQeo=61855 /NaafkwC='001823' /duizlkZc='0' /PepKxhxx='0' /IKcgB=BE0896CE0051430E8C842EC28FAE5D20IE /xGRrNffF=210f09feba8f79a898cc902e7745bfd6 /GhtkXzDLm=1_34_07_01 /SLXCxEuez=1.34.7.1 /qLytFpJ=1406278691 /FQDVdSQU=http://stats.infodatacloud.com /hfkqSKX=http://errors.infodatacloud.com /VqCCHUDnH=http://cr.install-daddy.com /oaRkGWqRm=ff /ZJAzGitk /eHXdyWwA=TheTorntv V10 /vhBomNqck='nova' /aqowXnBc=http://cr.install-daddy.com /KhmPADjBg='{"asw":[1, -2038431739, 0]}' /wfGEoLQB=task /zSHmDC='http://update.infodatacloud.com/novacod ... pdate.json' /wfGEoLQB='task' /OgJZENyUj=''
C:\Windows\tasks\15f435f1-08a6-4eb3-a7b1-3160913a53ab-7.job - C:\Program Files\TheTorntv V10\TheTorntv V10-nova.exe /GQQsLkHHf='TheTorntv V10' /GdQeo=61855 /NaafkwC='001823' /duizlkZc='0' /PepKxhxx='0' /IKcgB=BE0896CE0051430E8C842EC28FAE5D20IE /xGRrNffF=210f09feba8f79a898cc902e7745bfd6 /GhtkXzDLm=1_34_07_01 /SLXCxEuez=1.34.7.1 /qLytFpJ=1406278691 /FQDVdSQU=http://stats.infodatacloud.com /hfkqSKX=http://errors.infodatacloud.com /VqCCHUDnH=http://cr.install-daddy.com /oaRkGWqRm=ff /ZJAzGitk /eHXdyWwA=TheTorntv V10 /vhBomNqck='nova' /aqowXnBc=http://cr.install-daddy.com /KhmPADjBg='{"asw":[1, -2038431739, 0]}' /zSHmDC='http://update.infodatacloud.com/novarun ... pdate.json' /wfGEoLQB='task' /OgJZENyUj=''
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf94fa94710a2e.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\NeroLiveEpgUpdate-MorisJan-PC_Moris-Jan.job - C:\Program Files\Nero\Nero 9\Nero Live\NeroLive.exe /silentepgupdate
=========Mozilla firefox=========
ProfilePath - C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "about:home"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"crossriderapp1950@crossrider.com"=C:\Users\Moris Jan\AppData\Local\RewardsArcadeSuite\1950\Firefox
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nitropdf.com/NitroPDF]
"Description"=NitroPDF Web Browser Plugin
"Path"=C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
ffxtlbr@babylon.com
C:\Program Files\Mozilla Firefox\components\
AskHPRFF.js
C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
nppdf32.dll
C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\
44e4876d5886435183fea8e@44f892d6c2ac4a44858c85e3636.com
artur.dubovoy@gmail.com
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\searchplugins\
bingp.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611181155}]
TheTorntv V10 - C:\Program Files\TheTorntv V10\TheTorntv V10-bho.dll [2014-07-25 619880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [2011-08-14 270960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6EF6C45-5E8D-4c3b-B580-A5073261A381}]
RewardsArcadeSuite - C:\Program Files\RewardsArcadeSuite\RewardsArcadeSuite.dll [2011-11-03 528216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll [2013-01-23 485848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-01-03 1514152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-16 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14 237680]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-01-03 1514152]
{5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - Lišta Centrum.cz - C:\Program Files\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll [2013-01-23 485848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1049896]
"UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-10-06 210216]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePDIRShortCut"=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2009-09-08 468264]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-01-12 49208]
"NBHGui"=C:\Program Files\Nero\Tools\InCD\NBHGui.exe [2009-10-16 1600816]
"InCD"=C:\Program Files\Nero\Tools\InCD\InCD.exe [2009-10-16 1060136]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-23 13797920]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2012-01-03 1391272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SSDMonitor"=C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2011-12-12 103896]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"Nikon Message Center 2"=C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-08-01 202032]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-22 30192]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-06-17 5179408]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... 732de4b468 []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-07-24 21653096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Amazon\AMAZON~1\\AMAZON~1.DLL"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=L3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.l3codecp"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"msacm.divxa32"=msaud32_divx.acm
"vidc.ffds"=ffdshow.ax
"msacm.ac3filter"=ac3filter.acm
"VIDC.FMVC"=fmcodec.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-08-22 13:01:57 ----D---- C:\Program Files\trend micro
2014-08-22 13:01:56 ----D---- C:\rsit
2014-08-20 09:01:11 ----D---- C:\Program Files\Common Files\Skype
2014-08-19 08:35:24 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-19 08:35:23 ----A---- C:\Windows\system32\icardres.dll
2014-08-19 08:35:23 ----A---- C:\Windows\system32\icardagt.exe
2014-08-19 08:35:08 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-16 08:46:42 ----A---- C:\Windows\system32\msi.dll
2014-08-16 08:46:41 ----A---- C:\Windows\system32\msihnd.dll
2014-08-16 08:46:41 ----A---- C:\Windows\system32\consent.exe
2014-08-16 08:46:41 ----A---- C:\Windows\system32\authui.dll
2014-08-16 08:46:41 ----A---- C:\Windows\system32\appinfo.dll
2014-08-16 08:46:27 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-16 08:46:26 ----A---- C:\Windows\system32\cdd.dll
2014-08-16 08:46:17 ----A---- C:\Windows\system32\vbscript.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\wininet.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\jscript9.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\jscript.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\ieui.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-16 08:46:13 ----A---- C:\Windows\system32\mshtml.dll
2014-08-16 08:46:09 ----A---- C:\Windows\system32\urlmon.dll
2014-08-16 08:46:09 ----A---- C:\Windows\system32\mshta.exe
2014-08-16 08:46:09 ----A---- C:\Windows\system32\msfeedssync.exe
2014-08-16 08:46:09 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-08-16 08:46:09 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-16 08:46:08 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-16 08:46:08 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-16 08:46:07 ----A---- C:\Windows\system32\url.dll
2014-08-16 08:46:07 ----A---- C:\Windows\system32\iertutil.dll
2014-08-16 08:46:07 ----A---- C:\Windows\system32\ieframe.dll
2014-08-16 08:45:51 ----A---- C:\Windows\system32\tzres.dll
2014-07-31 11:03:55 ----D---- C:\Program Files\Mozilla Firefox
2014-07-25 10:52:13 ----D---- C:\Program Files\globalUpdate
2014-07-25 10:52:08 ----D---- C:\Program Files\TheTorntv V10
2014-07-25 10:51:43 ----D---- C:\Program Files\TornTV.com
======List of files/folders modified in the last 1 month======
2014-08-22 13:03:21 ----D---- C:\Windows\Temp
2014-08-22 13:01:57 ----D---- C:\Program Files
2014-08-22 12:37:21 ----D---- C:\Users\Moris Jan\AppData\Roaming\Skype
2014-08-22 10:36:59 ----SHD---- C:\System Volume Information
2014-08-22 10:19:53 ----AD---- C:\ProgramData\Temp
2014-08-22 10:03:28 ----D---- C:\ProgramData\MFAData
2014-08-22 09:30:42 ----A---- C:\ProgramData\hpqp.ini
2014-08-20 09:01:19 ----SHD---- C:\Windows\Installer
2014-08-20 09:01:19 ----D---- C:\ProgramData\Skype
2014-08-20 09:01:18 ----SHD---- C:\Config.Msi
2014-08-20 09:01:11 ----D---- C:\Program Files\Common Files
2014-08-19 16:33:11 ----D---- C:\Windows\Microsoft.NET
2014-08-19 16:30:18 ----RSD---- C:\Windows\assembly
2014-08-19 14:00:11 ----D---- C:\Windows\rescache
2014-08-19 13:08:02 ----D---- C:\Windows\system32\catroot2
2014-08-19 09:40:42 ----D---- C:\Windows\System32
2014-08-19 09:40:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-19 09:40:41 ----D---- C:\Windows\inf
2014-08-19 09:28:30 ----D---- C:\Windows\system32\sk-SK
2014-08-19 09:28:30 ----D---- C:\Windows\system32\cs-CZ
2014-08-19 09:28:21 ----D---- C:\Windows\system32\en-US
2014-08-19 09:28:07 ----D---- C:\Windows\system32\drivers
2014-08-19 09:28:05 ----D---- C:\Windows\system32\migration
2014-08-19 09:28:04 ----D---- C:\Program Files\Internet Explorer
2014-08-19 09:11:51 ----D---- C:\Windows\system32\MRT
2014-08-19 08:47:15 ----A---- C:\Windows\system32\mrt.exe
2014-08-19 08:44:56 ----D---- C:\Windows\winsxs
2014-08-19 08:41:19 ----D---- C:\Windows\system32\catroot
2014-08-11 08:39:35 ----D---- C:\ProgramData\AVG2014
2014-07-31 16:30:21 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-07-30 08:36:55 ----D---- C:\Users\Moris Jan\AppData\Roaming\vlc
2014-07-29 14:41:01 ----D---- C:\Users\Moris Jan\AppData\Roaming\Vso
2014-07-28 18:39:24 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-27 19:32:18 ----D---- C:\Windows
2014-07-25 10:58:52 ----D---- C:\Windows\Tasks
2014-07-25 10:58:44 ----D---- C:\Windows\system32\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2014-06-17 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2014-06-17 121624]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2014-06-17 199960]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
R1 InCDRec;Nero UDF File System Recognizer Driver; C:\Windows\system32\DRIVERS\InCDRec.sys [2009-10-16 19096]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 InCDFs;Nero UDF File System Driver; C:\Windows\system32\DRIVERS\InCDFs.sys [2009-10-16 130200]
R3 InCDPass;Nero InCDPass Driver; C:\Windows\system32\DRIVERS\InCDPass.sys [2009-10-16 48280]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-09 43040]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-23 9791072]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-25 14848]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-03-14 47360]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-04-23 64512]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199344]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2011-03-25 94336]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-06-27 3241488]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2014-06-17 289328]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2008-01-21 11264]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 InCDSrv;InCD Helper; C:\Program Files\Nero\Tools\InCD\InCDSrv.exe [2009-10-16 1420592]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-30 935208]
R2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe [2009-10-16 53560]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2; C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [2011-12-20 196904]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-23 211488]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-12-12 793048]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-10-06 365952]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-09-15 241734]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-07-25 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-12 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-11 262320]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-07-25 68608]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-22 30192]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-12 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-31 119408]
S3 NtmsSvc;@%SystemRoot%\system32\ntmssvc.dll,-2; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\Windows\System32\tlntsvr.exe [2009-04-11 71168]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomaly notebook vyskakuji okna
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Pomaly notebook vyskakuji okna
Zdravim 
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pomaly notebook vyskakuji okna
# AdwCleaner v3.308 - Report created 23/08/2014 at 13:17:28
# Updated 20/08/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Moris Jan - MORISJAN-PC
# Running from : C:\Users\Moris Jan\Desktop\adwcleaner_3.308.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Converter
Folder Deleted : C:\Program Files\Advanced System Protector
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\BabylonToolbar
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Desk 365
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
Folder Deleted : C:\Program Files\FunWebProducts
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\iLivid
Folder Deleted : C:\Program Files\Optimizer Pro
Folder Deleted : C:\Program Files\RegClean Pro
Folder Deleted : C:\Program Files\RewardsArcadeSuite
Folder Deleted : C:\Program Files\Systweak Support Dock
Folder Deleted : C:\Program Files\TornTV.com
Folder Deleted : C:\Program Files\Trymedia
Folder Deleted : C:\Program Files\VideoConverter
Folder Deleted : C:\Program Files\WinZip Registry Optimizer
Folder Deleted : C:\Program Files\WinZipper
Folder Deleted : C:\Program Files\TheTorntv V10
Folder Deleted : C:\Program Files\Common Files\337
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\Moris Jan\AppData\Local\Babylon
Folder Deleted : C:\Users\Moris Jan\AppData\Local\Conduit
Folder Deleted : C:\Users\Moris Jan\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Moris Jan\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Moris Jan\AppData\Local\OpenCandy
Folder Deleted : C:\Users\Moris Jan\AppData\Local\Pokki
Folder Deleted : C:\Users\Moris Jan\AppData\Local\RewardsArcadeSuite
Folder Deleted : C:\Users\Moris Jan\AppData\Local\TheTorntv V10
Folder Deleted : C:\Users\Moris Jan\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Moris Jan\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Moris Jan\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Moris Jan\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\Desk 365
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\SkypEmoticons
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\WinZipper
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\uu7klb0j.default\Conduit
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\uu7klb0j.default\CT1460988
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\uu7klb0j.default\Extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\Extensions\44e4876d5886435183fea8e@44f892d6c2ac4a44858c85e3636.com
Folder Deleted : C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ielefkgbofdpglioecfjcbikholflklb
File Deleted : C:\Users\Moris Jan\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\Moris Jan\AppData\Roaming\regsvr32.exe_log.txt
File Deleted : C:\Users\Moris Jan\Desktop\TornTV.lnk
File Deleted : C:\Program Files\Mozilla Firefox\Components\AskHPRFF.js
File Deleted : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\uu7klb0j.default\searchplugins\Askcom.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\searchplugins\bingp.xml
File Deleted : C:\Program Files\Mozilla Firefox\user.js
***** [ Scheduled Tasks ] *****
Task Deleted : Desk 365 RunAsStdUser
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : Scheduled Update for Ask Toolbar
Task Deleted : 15f435f1-08a6-4eb3-a7b1-3160913a53ab-1
Task Deleted : 15f435f1-08a6-4eb3-a7b1-3160913a53ab-11
Task Deleted : 15f435f1-08a6-4eb3-a7b1-3160913a53ab-2
Task Deleted : 15f435f1-08a6-4eb3-a7b1-3160913a53ab-3
Task Deleted : 15f435f1-08a6-4eb3-a7b1-3160913a53ab-4
Task Deleted : 15f435f1-08a6-4eb3-a7b1-3160913a53ab-5
Task Deleted : 15f435f1-08a6-4eb3-a7b1-3160913a53ab-5_user
Task Deleted : 15f435f1-08a6-4eb3-a7b1-3160913a53ab-6
Task Deleted : 15f435f1-08a6-4eb3-a7b1-3160913a53ab-7
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verdict Free\Internetový překladač.lnk
Shortcut Disinfected : C:\Users\Moris Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ielefkgbofdpglioecfjcbikholflklb
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\ilivid
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061855.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061855.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061855.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061855.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1460988
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2737658
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6EF6C45-5E8D-4C3B-B580-A5073261A381}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611181155}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622182255}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655185555}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666186655}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD79BAD6-9504-4F09-ACEC-7B319584A4C1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644184455}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6EF6C45-5E8D-4C3B-B580-A5073261A381}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611181155}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B6EF6C45-5E8D-4C3B-B580-A5073261A381}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611181155}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B6EF6C45-5E8D-4C3B-B580-A5073261A381}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611181155}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\SiteRanker
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\TheTorntv V10
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Desksvc
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\FunWebProducts
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\hdcode
Key Deleted : HKLM\SOFTWARE\ilivid
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\qvo6Software
Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\TheTorntv V10
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\V9
Key Deleted : HKLM\SOFTWARE\winzipersvc
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TheTorntv V10
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16563
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
-\\ Mozilla Firefox v31.0 (x86 cs)
[ File : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\prefs.js ]
Line Deleted : user_pref("extensions.a44e4876d5886435183fea8e44f892d6c2ac4a44858c85e3636com61855.61855.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D[...]
Line Deleted : user_pref("extensions.crossrider.bic", "1476eece2f29e39771a4499d0ec935f1");
Line Deleted : user_pref("extensions.fvd_single.surfcanyon.ramp.start_time", "1394116757269");
[ File : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\ebkpavo6.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
[ File : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\g2yn5piz.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
[ File : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\uu7klb0j.default\prefs.js ]
Line Deleted : user_pref("CT1460988.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT1460988.CT1667811.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1668860.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1668889.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1669100.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1669115.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1670222.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1670245.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1729581.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1729585.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1729587.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1729593.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT2164362.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT2651538.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT2651538.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT1460988.CT2651538.FeedLastCount129198783342596396", 173);
Line Deleted : user_pref("CT1460988.CT2651538.FirstTimeSettingsDone", true);
Line Deleted : user_pref("CT1460988.CT2651538.GroupingInvalidateCache", false);
Line Deleted : user_pref("CT1460988.CT2651538.GroupingLastCheckTime", "Thu Aug 05 2010 18:25:18 GMT+0200");
Line Deleted : user_pref("CT1460988.CT2651538.GroupingLastErrorCode", "");
Line Deleted : user_pref("CT1460988.CT2651538.GroupingLastResponse", true);
Line Deleted : user_pref("CT1460988.CT2651538.GroupingLastServerUpdateTime", "129246421652530000");
Line Deleted : user_pref("CT1460988.CT2651538.InvalidateCache", false);
Line Deleted : user_pref("CT1460988.CT2651538.LanguagePackLastCheckTime", "Thu Aug 05 2010 18:25:19 GMT+0200");
Line Deleted : user_pref("CT1460988.CT2651538.Locale", "en-us");
Line Deleted : user_pref("CT1460988.CT2651538.RadioLastCheckTime", "Thu Aug 05 2010 18:25:18 GMT+0200");
Line Deleted : user_pref("CT1460988.CT2651538.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT1460988.CT2651538.RadioLastUpdateServer", "3");
Line Deleted : user_pref("CT1460988.CT2651538.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2651538&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT1460988.CT2651538.SearchInNewTabLastCheckTime", "Thu Aug 05 2010 18:25:18 GMT+0200");
Line Deleted : user_pref("CT1460988.CT2651538.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT1460988.CT2651538.SettingsLastCheckTime", "Thu Aug 05 2010 18:25:17 GMT+0200");
Line Deleted : user_pref("CT1460988.CT2651538.SettingsLastUpdate", "1280161365");
Line Deleted : user_pref("CT1460988.CT2651538.ThirdPartyComponentsLastCheck", "Thu Aug 05 2010 18:25:17 GMT+0200");
Line Deleted : user_pref("CT1460988.CT2651538.ThirdPartyComponentsLastUpdate", "1246790578");
Line Deleted : user_pref("CT1460988.CT2651538.ToggleComponentState129198783343221398", true);
Line Deleted : user_pref("CT1460988.CTID", "CT1460988");
Line Deleted : user_pref("CT1460988.CommunitiesChangesLastCheckTime", "Thu Aug 05 2010 18:26:01 GMT+0200");
Line Deleted : user_pref("CT1460988.CommunitiesStatus.CT1460988", 0);
Line Deleted : user_pref("CT1460988.CommunitiesStatus.CT2651538", 0);
Line Deleted : user_pref("CT1460988.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CurrentServerDate", "5-8-2010");
Line Deleted : user_pref("CT1460988.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT1460988.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT1460988.EMailNotifierPollDate", "Thu Aug 05 2010 18:24:41 GMT+0200");
Line Deleted : user_pref("CT1460988.ExternalComponentPollDate129239308604258837", "Thu Aug 05 2010 18:11:34 GMT+0200");
Line Deleted : user_pref("CT1460988.FeedLastCount128460900971181341", 173);
Line Deleted : user_pref("CT1460988.FeedPollDate128460898315556274", "Thu Aug 05 2010 18:11:34 GMT+0200");
Line Deleted : user_pref("CT1460988.FeedPollDate128460899415556929", "Thu Aug 05 2010 18:11:34 GMT+0200");
Line Deleted : user_pref("CT1460988.FeedPollDate128460899564463182", "Thu Aug 05 2010 18:11:34 GMT+0200");
Line Deleted : user_pref("CT1460988.FeedPollDate128460899661963361", "Thu Aug 05 2010 18:11:34 GMT+0200");
Line Deleted : user_pref("CT1460988.FeedPollDate128460899768994715", "Thu Aug 05 2010 18:11:35 GMT+0200");
Line Deleted : user_pref("CT1460988.FeedPollDate128479826070094154", "Thu Aug 05 2010 18:11:35 GMT+0200");
Line Deleted : user_pref("CT1460988.FeedTTL128460898315556274", 5);
Line Deleted : user_pref("CT1460988.FeedTTL128460899415556929", 20);
Line Deleted : user_pref("CT1460988.FeedTTL128460899564463182", 30);
Line Deleted : user_pref("CT1460988.FeedTTL128460899661963361", 15);
Line Deleted : user_pref("CT1460988.FirstServerDate", "5-8-2010");
Line Deleted : user_pref("CT1460988.FirstTime", true);
Line Deleted : user_pref("CT1460988.FirstTimeFF3", true);
Line Deleted : user_pref("CT1460988.FirstTimeSettingsDone", true);
Line Deleted : user_pref("CT1460988.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT1460988.GroupingLastCheckTime", "Thu Aug 05 2010 18:11:33 GMT+0200");
Line Deleted : user_pref("CT1460988.GroupingLastErrorCode", "");
Line Deleted : user_pref("CT1460988.GroupingLastResponse", true);
Line Deleted : user_pref("CT1460988.GroupingLastServerUpdateTime", "129254903585000000");
Line Deleted : user_pref("CT1460988.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT1460988.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT1460988.Initialize", true);
Line Deleted : user_pref("CT1460988.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT1460988.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT1460988.InstallationType", "UnknownIntegration");
Line Deleted : user_pref("CT1460988.InstalledDate", "Thu Aug 05 2010 18:11:33 GMT+0200");
Line Deleted : user_pref("CT1460988.InvalidateCache", false);
Line Deleted : user_pref("CT1460988.IsGrouping", true);
Line Deleted : user_pref("CT1460988.IsMulticommunity", false);
Line Deleted : user_pref("CT1460988.IsOpenThankYouPage", false);
Line Deleted : user_pref("CT1460988.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT1460988.LanguagePackLastCheckTime", "Thu Aug 05 2010 18:11:36 GMT+0200");
Line Deleted : user_pref("CT1460988.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT1460988.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT1460988.LastLogin_2.6.0.15", "Thu Aug 05 2010 18:11:35 GMT+0200");
Line Deleted : user_pref("CT1460988.LatestVersion", "2.1.0.18");
Line Deleted : user_pref("CT1460988.Locale", "en-us");
Line Deleted : user_pref("CT1460988.LoginCache", 4);
Line Deleted : user_pref("CT1460988.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT1460988.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT1460988.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT1460988.RadioIsPodcast", false);
Line Deleted : user_pref("CT1460988.RadioLastCheckTime", "Thu Aug 05 2010 18:25:13 GMT+0200");
Line Deleted : user_pref("CT1460988.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT1460988.RadioLastUpdateServer", "128929877726170000");
Line Deleted : user_pref("CT1460988.RadioMediaID", "9962");
Line Deleted : user_pref("CT1460988.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT1460988.RadioMenuSelectedID", "EBRadioMenu_CT14609889962");
Line Deleted : user_pref("CT1460988.RadioStationName", "California%20Rock");
Line Deleted : user_pref("CT1460988.RadioStationURL", "hxxp://feedlive.net/california.asx");
Line Deleted : user_pref("CT1460988.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT1460988.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT1460988&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT1460988.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1460988&q=");
Line Deleted : user_pref("CT1460988.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT1460988.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT1460988.SearchInNewTabLastCheckTime", "Thu Aug 05 2010 18:25:12 GMT+0200");
Line Deleted : user_pref("CT1460988.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT1460988.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT1460988.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT1460988.SettingsLastCheckTime", "Thu Aug 05 2010 18:11:32 GMT+0200");
Line Deleted : user_pref("CT1460988.SettingsLastUpdate", "1281009558");
Line Deleted : user_pref("CT1460988.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT1460988.ThirdPartyComponentsLastCheck", "Thu Aug 05 2010 18:11:31 GMT+0200");
Line Deleted : user_pref("CT1460988.ThirdPartyComponentsLastUpdate", "1246790578");
Line Deleted : user_pref("CT1460988.ToggleComponentState129160818675915142", true);
Line Deleted : user_pref("CT1460988.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&so ... sealid=112");
Line Deleted : user_pref("CT1460988.UserID", "UN81789513115779512");
Line Deleted : user_pref("CT1460988.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT1460988.WeatherNetwork", "");
Line Deleted : user_pref("CT1460988.WeatherPollDate", "Thu Aug 05 2010 18:11:36 GMT+0200");
Line Deleted : user_pref("CT1460988.WeatherUnit", "C");
Line Deleted : user_pref("CT1460988.backendstorage.shpngrd_evnts", "30");
Line Deleted : user_pref("CT1460988.clientLogIsEnabled", true);
Line Deleted : user_pref("CT1460988.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT1460988.ct1460988.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT1460988.ct1460988.FeedLastCount128460900971181341", 173);
Line Deleted : user_pref("CT1460988.ct1460988.FirstTimeSettingsDone", true);
Line Deleted : user_pref("CT1460988.ct1460988.GroupingInvalidateCache", false);
Line Deleted : user_pref("CT1460988.ct1460988.GroupingLastCheckTime", "Thu Aug 05 2010 18:11:33 GMT+0200");
Line Deleted : user_pref("CT1460988.ct1460988.GroupingLastErrorCode", "");
Line Deleted : user_pref("CT1460988.ct1460988.GroupingLastResponse", true);
Line Deleted : user_pref("CT1460988.ct1460988.GroupingLastServerUpdateTime", "129254903585000000");
Line Deleted : user_pref("CT1460988.ct1460988.InvalidateCache", false);
Line Deleted : user_pref("CT1460988.ct1460988.LanguagePackLastCheckTime", "Thu Aug 05 2010 18:11:35 GMT+0200");
Line Deleted : user_pref("CT1460988.ct1460988.Locale", "en-us");
Line Deleted : user_pref("CT1460988.ct1460988.RadioLastCheckTime", "Thu Aug 05 2010 18:11:36 GMT+0200");
Line Deleted : user_pref("CT1460988.ct1460988.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT1460988.ct1460988.RadioLastUpdateServer", "128929877726170000");
Line Deleted : user_pref("CT1460988.ct1460988.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT1460988&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT1460988.ct1460988.SearchInNewTabLastCheckTime", "Thu Aug 05 2010 18:11:35 GMT+0200");
Line Deleted : user_pref("CT1460988.ct1460988.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT1460988.ct1460988.SettingsLastCheckTime", "Thu Aug 05 2010 18:11:33 GMT+0200");
Line Deleted : user_pref("CT1460988.ct1460988.SettingsLastUpdate", "1281009558");
Line Deleted : user_pref("CT1460988.ct1460988.ThirdPartyComponentsLastCheck", "Thu Aug 05 2010 18:11:33 GMT+0200");
Line Deleted : user_pref("CT1460988.ct1460988.ThirdPartyComponentsLastUpdate", "1246790578");
Line Deleted : user_pref("CT1460988.ct1460988.ToggleComponentState129160818675915142", true);
Line Deleted : user_pref("CT1460988.myStuffEnabled", true);
Line Deleted : user_pref("CT1460988.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT1460988.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT1460988.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT1460988.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT1460988.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=VD&o=14778&locale=en_EU&apn_uid=7056576F-2554-4B52-8F53-23C359AE326C&apn_ptnrs=VX&apn_[...]
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT1460988");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT1460988");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Line Deleted : user_pref("extensions.asktb.cbid", "VX");
Line Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l}&q={query}&dm=all");
Line Deleted : user_pref("extensions.asktb.first-launch-url", "hxxp://www.adon-demand.de/red/2372/");
Line Deleted : user_pref("extensions.asktb.fresh-install", false);
Line Deleted : user_pref("extensions.asktb.l", "dis");
Line Deleted : user_pref("extensions.asktb.last-config-req", "1281001099196");
Line Deleted : user_pref("extensions.asktb.locale", "en_EU");
Line Deleted : user_pref("extensions.asktb.o", "14778");
Line Deleted : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Line Deleted : user_pref("extensions.asktb.qsrc", "2871");
Line Deleted : user_pref("extensions.asktb.r", "2");
Line Deleted : user_pref("extensions.asktb.search-history-queries", "HOTEL VLTAVA");
Line Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
Line Deleted : user_pref("extensions.enabledItems", "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18,toolbar@ask.com:3.4.3.105,msntoolbar@msn.com:5.0,{27182e60-b5f3-411c-b5[...]
-\\ Google Chrome v36.0.1985.143
[ File : C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Extension] : ielefkgbofdpglioecfjcbikholflklb
*************************
AdwCleaner[R0].txt - [46583 octets] - [23/08/2014 13:14:22]
AdwCleaner[S0].txt - [45998 octets] - [23/08/2014 13:17:28]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [46059 octets] ##########
# Updated 20/08/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Moris Jan - MORISJAN-PC
# Running from : C:\Users\Moris Jan\Desktop\adwcleaner_3.308.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Converter
Folder Deleted : C:\Program Files\Advanced System Protector
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\BabylonToolbar
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Desk 365
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
Folder Deleted : C:\Program Files\FunWebProducts
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\iLivid
Folder Deleted : C:\Program Files\Optimizer Pro
Folder Deleted : C:\Program Files\RegClean Pro
Folder Deleted : C:\Program Files\RewardsArcadeSuite
Folder Deleted : C:\Program Files\Systweak Support Dock
Folder Deleted : C:\Program Files\TornTV.com
Folder Deleted : C:\Program Files\Trymedia
Folder Deleted : C:\Program Files\VideoConverter
Folder Deleted : C:\Program Files\WinZip Registry Optimizer
Folder Deleted : C:\Program Files\WinZipper
Folder Deleted : C:\Program Files\TheTorntv V10
Folder Deleted : C:\Program Files\Common Files\337
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\Moris Jan\AppData\Local\Babylon
Folder Deleted : C:\Users\Moris Jan\AppData\Local\Conduit
Folder Deleted : C:\Users\Moris Jan\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Moris Jan\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Moris Jan\AppData\Local\OpenCandy
Folder Deleted : C:\Users\Moris Jan\AppData\Local\Pokki
Folder Deleted : C:\Users\Moris Jan\AppData\Local\RewardsArcadeSuite
Folder Deleted : C:\Users\Moris Jan\AppData\Local\TheTorntv V10
Folder Deleted : C:\Users\Moris Jan\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Moris Jan\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Moris Jan\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Moris Jan\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\Desk 365
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\SkypEmoticons
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\WinZipper
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\uu7klb0j.default\Conduit
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\uu7klb0j.default\CT1460988
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\uu7klb0j.default\Extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}
Folder Deleted : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\Extensions\44e4876d5886435183fea8e@44f892d6c2ac4a44858c85e3636.com
Folder Deleted : C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ielefkgbofdpglioecfjcbikholflklb
File Deleted : C:\Users\Moris Jan\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\Moris Jan\AppData\Roaming\regsvr32.exe_log.txt
File Deleted : C:\Users\Moris Jan\Desktop\TornTV.lnk
File Deleted : C:\Program Files\Mozilla Firefox\Components\AskHPRFF.js
File Deleted : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\uu7klb0j.default\searchplugins\Askcom.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\searchplugins\bingp.xml
File Deleted : C:\Program Files\Mozilla Firefox\user.js
***** [ Scheduled Tasks ] *****
Task Deleted : Desk 365 RunAsStdUser
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : Scheduled Update for Ask Toolbar
Task Deleted : 15f435f1-08a6-4eb3-a7b1-3160913a53ab-1
Task Deleted : 15f435f1-08a6-4eb3-a7b1-3160913a53ab-11
Task Deleted : 15f435f1-08a6-4eb3-a7b1-3160913a53ab-2
Task Deleted : 15f435f1-08a6-4eb3-a7b1-3160913a53ab-3
Task Deleted : 15f435f1-08a6-4eb3-a7b1-3160913a53ab-4
Task Deleted : 15f435f1-08a6-4eb3-a7b1-3160913a53ab-5
Task Deleted : 15f435f1-08a6-4eb3-a7b1-3160913a53ab-5_user
Task Deleted : 15f435f1-08a6-4eb3-a7b1-3160913a53ab-6
Task Deleted : 15f435f1-08a6-4eb3-a7b1-3160913a53ab-7
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verdict Free\Internetový překladač.lnk
Shortcut Disinfected : C:\Users\Moris Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ielefkgbofdpglioecfjcbikholflklb
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\ilivid
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061855.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061855.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061855.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0061855.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1460988
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2737658
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6EF6C45-5E8D-4C3B-B580-A5073261A381}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611181155}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622182255}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655185555}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666186655}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD79BAD6-9504-4F09-ACEC-7B319584A4C1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644184455}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6EF6C45-5E8D-4C3B-B580-A5073261A381}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611181155}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B6EF6C45-5E8D-4C3B-B580-A5073261A381}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611181155}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B6EF6C45-5E8D-4C3B-B580-A5073261A381}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611181155}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\SiteRanker
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\TheTorntv V10
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Desksvc
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\FunWebProducts
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\hdcode
Key Deleted : HKLM\SOFTWARE\ilivid
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\qvo6Software
Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\TheTorntv V10
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\V9
Key Deleted : HKLM\SOFTWARE\winzipersvc
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TheTorntv V10
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16563
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
-\\ Mozilla Firefox v31.0 (x86 cs)
[ File : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\prefs.js ]
Line Deleted : user_pref("extensions.a44e4876d5886435183fea8e44f892d6c2ac4a44858c85e3636com61855.61855.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D[...]
Line Deleted : user_pref("extensions.crossrider.bic", "1476eece2f29e39771a4499d0ec935f1");
Line Deleted : user_pref("extensions.fvd_single.surfcanyon.ramp.start_time", "1394116757269");
[ File : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\ebkpavo6.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
[ File : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\g2yn5piz.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
[ File : C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\uu7klb0j.default\prefs.js ]
Line Deleted : user_pref("CT1460988.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT1460988.CT1667811.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1668860.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1668889.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1669100.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1669115.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1670222.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1670245.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1729581.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1729585.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1729587.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT1729593.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT2164362.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT2651538.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CT2651538.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT1460988.CT2651538.FeedLastCount129198783342596396", 173);
Line Deleted : user_pref("CT1460988.CT2651538.FirstTimeSettingsDone", true);
Line Deleted : user_pref("CT1460988.CT2651538.GroupingInvalidateCache", false);
Line Deleted : user_pref("CT1460988.CT2651538.GroupingLastCheckTime", "Thu Aug 05 2010 18:25:18 GMT+0200");
Line Deleted : user_pref("CT1460988.CT2651538.GroupingLastErrorCode", "");
Line Deleted : user_pref("CT1460988.CT2651538.GroupingLastResponse", true);
Line Deleted : user_pref("CT1460988.CT2651538.GroupingLastServerUpdateTime", "129246421652530000");
Line Deleted : user_pref("CT1460988.CT2651538.InvalidateCache", false);
Line Deleted : user_pref("CT1460988.CT2651538.LanguagePackLastCheckTime", "Thu Aug 05 2010 18:25:19 GMT+0200");
Line Deleted : user_pref("CT1460988.CT2651538.Locale", "en-us");
Line Deleted : user_pref("CT1460988.CT2651538.RadioLastCheckTime", "Thu Aug 05 2010 18:25:18 GMT+0200");
Line Deleted : user_pref("CT1460988.CT2651538.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT1460988.CT2651538.RadioLastUpdateServer", "3");
Line Deleted : user_pref("CT1460988.CT2651538.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2651538&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT1460988.CT2651538.SearchInNewTabLastCheckTime", "Thu Aug 05 2010 18:25:18 GMT+0200");
Line Deleted : user_pref("CT1460988.CT2651538.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT1460988.CT2651538.SettingsLastCheckTime", "Thu Aug 05 2010 18:25:17 GMT+0200");
Line Deleted : user_pref("CT1460988.CT2651538.SettingsLastUpdate", "1280161365");
Line Deleted : user_pref("CT1460988.CT2651538.ThirdPartyComponentsLastCheck", "Thu Aug 05 2010 18:25:17 GMT+0200");
Line Deleted : user_pref("CT1460988.CT2651538.ThirdPartyComponentsLastUpdate", "1246790578");
Line Deleted : user_pref("CT1460988.CT2651538.ToggleComponentState129198783343221398", true);
Line Deleted : user_pref("CT1460988.CTID", "CT1460988");
Line Deleted : user_pref("CT1460988.CommunitiesChangesLastCheckTime", "Thu Aug 05 2010 18:26:01 GMT+0200");
Line Deleted : user_pref("CT1460988.CommunitiesStatus.CT1460988", 0);
Line Deleted : user_pref("CT1460988.CommunitiesStatus.CT2651538", 0);
Line Deleted : user_pref("CT1460988.CommunityChanged", true);
Line Deleted : user_pref("CT1460988.CurrentServerDate", "5-8-2010");
Line Deleted : user_pref("CT1460988.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT1460988.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT1460988.EMailNotifierPollDate", "Thu Aug 05 2010 18:24:41 GMT+0200");
Line Deleted : user_pref("CT1460988.ExternalComponentPollDate129239308604258837", "Thu Aug 05 2010 18:11:34 GMT+0200");
Line Deleted : user_pref("CT1460988.FeedLastCount128460900971181341", 173);
Line Deleted : user_pref("CT1460988.FeedPollDate128460898315556274", "Thu Aug 05 2010 18:11:34 GMT+0200");
Line Deleted : user_pref("CT1460988.FeedPollDate128460899415556929", "Thu Aug 05 2010 18:11:34 GMT+0200");
Line Deleted : user_pref("CT1460988.FeedPollDate128460899564463182", "Thu Aug 05 2010 18:11:34 GMT+0200");
Line Deleted : user_pref("CT1460988.FeedPollDate128460899661963361", "Thu Aug 05 2010 18:11:34 GMT+0200");
Line Deleted : user_pref("CT1460988.FeedPollDate128460899768994715", "Thu Aug 05 2010 18:11:35 GMT+0200");
Line Deleted : user_pref("CT1460988.FeedPollDate128479826070094154", "Thu Aug 05 2010 18:11:35 GMT+0200");
Line Deleted : user_pref("CT1460988.FeedTTL128460898315556274", 5);
Line Deleted : user_pref("CT1460988.FeedTTL128460899415556929", 20);
Line Deleted : user_pref("CT1460988.FeedTTL128460899564463182", 30);
Line Deleted : user_pref("CT1460988.FeedTTL128460899661963361", 15);
Line Deleted : user_pref("CT1460988.FirstServerDate", "5-8-2010");
Line Deleted : user_pref("CT1460988.FirstTime", true);
Line Deleted : user_pref("CT1460988.FirstTimeFF3", true);
Line Deleted : user_pref("CT1460988.FirstTimeSettingsDone", true);
Line Deleted : user_pref("CT1460988.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT1460988.GroupingLastCheckTime", "Thu Aug 05 2010 18:11:33 GMT+0200");
Line Deleted : user_pref("CT1460988.GroupingLastErrorCode", "");
Line Deleted : user_pref("CT1460988.GroupingLastResponse", true);
Line Deleted : user_pref("CT1460988.GroupingLastServerUpdateTime", "129254903585000000");
Line Deleted : user_pref("CT1460988.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT1460988.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT1460988.Initialize", true);
Line Deleted : user_pref("CT1460988.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT1460988.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT1460988.InstallationType", "UnknownIntegration");
Line Deleted : user_pref("CT1460988.InstalledDate", "Thu Aug 05 2010 18:11:33 GMT+0200");
Line Deleted : user_pref("CT1460988.InvalidateCache", false);
Line Deleted : user_pref("CT1460988.IsGrouping", true);
Line Deleted : user_pref("CT1460988.IsMulticommunity", false);
Line Deleted : user_pref("CT1460988.IsOpenThankYouPage", false);
Line Deleted : user_pref("CT1460988.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT1460988.LanguagePackLastCheckTime", "Thu Aug 05 2010 18:11:36 GMT+0200");
Line Deleted : user_pref("CT1460988.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT1460988.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT1460988.LastLogin_2.6.0.15", "Thu Aug 05 2010 18:11:35 GMT+0200");
Line Deleted : user_pref("CT1460988.LatestVersion", "2.1.0.18");
Line Deleted : user_pref("CT1460988.Locale", "en-us");
Line Deleted : user_pref("CT1460988.LoginCache", 4);
Line Deleted : user_pref("CT1460988.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT1460988.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT1460988.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT1460988.RadioIsPodcast", false);
Line Deleted : user_pref("CT1460988.RadioLastCheckTime", "Thu Aug 05 2010 18:25:13 GMT+0200");
Line Deleted : user_pref("CT1460988.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT1460988.RadioLastUpdateServer", "128929877726170000");
Line Deleted : user_pref("CT1460988.RadioMediaID", "9962");
Line Deleted : user_pref("CT1460988.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT1460988.RadioMenuSelectedID", "EBRadioMenu_CT14609889962");
Line Deleted : user_pref("CT1460988.RadioStationName", "California%20Rock");
Line Deleted : user_pref("CT1460988.RadioStationURL", "hxxp://feedlive.net/california.asx");
Line Deleted : user_pref("CT1460988.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT1460988.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT1460988&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT1460988.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1460988&q=");
Line Deleted : user_pref("CT1460988.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT1460988.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT1460988.SearchInNewTabLastCheckTime", "Thu Aug 05 2010 18:25:12 GMT+0200");
Line Deleted : user_pref("CT1460988.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT1460988.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT1460988.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT1460988.SettingsLastCheckTime", "Thu Aug 05 2010 18:11:32 GMT+0200");
Line Deleted : user_pref("CT1460988.SettingsLastUpdate", "1281009558");
Line Deleted : user_pref("CT1460988.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT1460988.ThirdPartyComponentsLastCheck", "Thu Aug 05 2010 18:11:31 GMT+0200");
Line Deleted : user_pref("CT1460988.ThirdPartyComponentsLastUpdate", "1246790578");
Line Deleted : user_pref("CT1460988.ToggleComponentState129160818675915142", true);
Line Deleted : user_pref("CT1460988.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&so ... sealid=112");
Line Deleted : user_pref("CT1460988.UserID", "UN81789513115779512");
Line Deleted : user_pref("CT1460988.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT1460988.WeatherNetwork", "");
Line Deleted : user_pref("CT1460988.WeatherPollDate", "Thu Aug 05 2010 18:11:36 GMT+0200");
Line Deleted : user_pref("CT1460988.WeatherUnit", "C");
Line Deleted : user_pref("CT1460988.backendstorage.shpngrd_evnts", "30");
Line Deleted : user_pref("CT1460988.clientLogIsEnabled", true);
Line Deleted : user_pref("CT1460988.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT1460988.ct1460988.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT1460988.ct1460988.FeedLastCount128460900971181341", 173);
Line Deleted : user_pref("CT1460988.ct1460988.FirstTimeSettingsDone", true);
Line Deleted : user_pref("CT1460988.ct1460988.GroupingInvalidateCache", false);
Line Deleted : user_pref("CT1460988.ct1460988.GroupingLastCheckTime", "Thu Aug 05 2010 18:11:33 GMT+0200");
Line Deleted : user_pref("CT1460988.ct1460988.GroupingLastErrorCode", "");
Line Deleted : user_pref("CT1460988.ct1460988.GroupingLastResponse", true);
Line Deleted : user_pref("CT1460988.ct1460988.GroupingLastServerUpdateTime", "129254903585000000");
Line Deleted : user_pref("CT1460988.ct1460988.InvalidateCache", false);
Line Deleted : user_pref("CT1460988.ct1460988.LanguagePackLastCheckTime", "Thu Aug 05 2010 18:11:35 GMT+0200");
Line Deleted : user_pref("CT1460988.ct1460988.Locale", "en-us");
Line Deleted : user_pref("CT1460988.ct1460988.RadioLastCheckTime", "Thu Aug 05 2010 18:11:36 GMT+0200");
Line Deleted : user_pref("CT1460988.ct1460988.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT1460988.ct1460988.RadioLastUpdateServer", "128929877726170000");
Line Deleted : user_pref("CT1460988.ct1460988.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT1460988&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT1460988.ct1460988.SearchInNewTabLastCheckTime", "Thu Aug 05 2010 18:11:35 GMT+0200");
Line Deleted : user_pref("CT1460988.ct1460988.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT1460988.ct1460988.SettingsLastCheckTime", "Thu Aug 05 2010 18:11:33 GMT+0200");
Line Deleted : user_pref("CT1460988.ct1460988.SettingsLastUpdate", "1281009558");
Line Deleted : user_pref("CT1460988.ct1460988.ThirdPartyComponentsLastCheck", "Thu Aug 05 2010 18:11:33 GMT+0200");
Line Deleted : user_pref("CT1460988.ct1460988.ThirdPartyComponentsLastUpdate", "1246790578");
Line Deleted : user_pref("CT1460988.ct1460988.ToggleComponentState129160818675915142", true);
Line Deleted : user_pref("CT1460988.myStuffEnabled", true);
Line Deleted : user_pref("CT1460988.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT1460988.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT1460988.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT1460988.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT1460988.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=VD&o=14778&locale=en_EU&apn_uid=7056576F-2554-4B52-8F53-23C359AE326C&apn_ptnrs=VX&apn_[...]
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT1460988");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT1460988");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Line Deleted : user_pref("extensions.asktb.cbid", "VX");
Line Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l}&q={query}&dm=all");
Line Deleted : user_pref("extensions.asktb.first-launch-url", "hxxp://www.adon-demand.de/red/2372/");
Line Deleted : user_pref("extensions.asktb.fresh-install", false);
Line Deleted : user_pref("extensions.asktb.l", "dis");
Line Deleted : user_pref("extensions.asktb.last-config-req", "1281001099196");
Line Deleted : user_pref("extensions.asktb.locale", "en_EU");
Line Deleted : user_pref("extensions.asktb.o", "14778");
Line Deleted : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Line Deleted : user_pref("extensions.asktb.qsrc", "2871");
Line Deleted : user_pref("extensions.asktb.r", "2");
Line Deleted : user_pref("extensions.asktb.search-history-queries", "HOTEL VLTAVA");
Line Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
Line Deleted : user_pref("extensions.enabledItems", "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18,toolbar@ask.com:3.4.3.105,msntoolbar@msn.com:5.0,{27182e60-b5f3-411c-b5[...]
-\\ Google Chrome v36.0.1985.143
[ File : C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Extension] : ielefkgbofdpglioecfjcbikholflklb
*************************
AdwCleaner[R0].txt - [46583 octets] - [23/08/2014 13:14:22]
AdwCleaner[S0].txt - [45998 octets] - [23/08/2014 13:17:28]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [46059 octets] ##########
Re: Pomaly notebook vyskakuji okna
Než přijde kolega, použijte ještě Mbam a vložte zde log
http://forum.viry.cz/viewtopic.php?f=29&t=137928
http://forum.viry.cz/viewtopic.php?f=29&t=137928
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Pomaly notebook vyskakuji okna
Omlouvam se za pozdni odpoved, byl jsem bez netu.
Ten MBAM urcite udelejte a podle vysledku zvolim dalsi postup
Ten MBAM urcite udelejte a podle vysledku zvolim dalsi postup
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pomaly notebook vyskakuji okna
Program skenuje skoro 4 hodiny. Nalezne 141 hrozeb když dam exportovat zaznam a uložit program spadne. už jsem to zkoušel 3x pokažde to spadlo.
Re: Pomaly notebook vyskakuji okna
Zkuste to v nouzovem rezimu. Pripadne vysledky vyfotte a poslete treba na mail (adresa v podpisu). Nebo hodte vsechny nalezy do karanteny a po restartu pc by se mel objevit log, kde se dovim, co a kde bylo. V pripade potreby to z karanteny zase muzem vytahnout.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pomaly notebook vyskakuji okna
Dalši scan našel 12 chyb. Dáno do karanteny foto zaslano mailem.
V karanteně nic nemazat??
Po odinstalovani programu to v karanteně zustane??
V karanteně nic nemazat??
Po odinstalovani programu to v karanteně zustane??
Re: Pomaly notebook vyskakuji okna
Pokud je vse v karantene, MBAM odinstalujte, tim zmizi i karantena.
Dejte novy log z RSIT
Dejte novy log z RSIT
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pomaly notebook vyskakuji okna
Logfile of random's system information tool 1.10 (written by random/random)
Run by Moris Jan at 2014-09-08 07:19:57
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 100 GB (34%) free of 297 GB
Total RAM: 1790 MB (13% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:21:23, on 8.9.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16563)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Nero\Tools\InCD\NBHGui.exe
C:\Program Files\Nero\Tools\InCD\InCD.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Moris Jan\Downloads\RSIT.exe
C:\Program Files\trend micro\Moris Jan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: cenbho32.TCentrumCZBHOObject - {C91BA35D-6516-489F-A203-2992ED9A4132} - C:\Program Files\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Lišta Centrum.cz - {5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - C:\Program Files\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NBHGui] C:\Program Files\Nero\Tools\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Tools\InCD\InCD.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... 732de4b468
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User '?')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - (no file)
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - (no file)
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - (no file)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Amazon\AMAZON~1\\AMAZON~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDSrv) - Nero AG - C:\Program Files\Nero\Tools\InCD\InCDSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 10521 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf94fa94710a2e.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\NeroLiveEpgUpdate-MorisJan-PC_Moris-Jan.job - C:\Program Files\Nero\Nero 9\Nero Live\NeroLive.exe /silentepgupdate
=========Mozilla firefox=========
ProfilePath - C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "about:home"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nitropdf.com/NitroPDF]
"Description"=NitroPDF Web Browser Plugin
"Path"=C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
nppdf32.dll
C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\
artur.dubovoy@gmail.com
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll [2013-01-23 485848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-16 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - Lišta Centrum.cz - C:\Program Files\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll [2013-01-23 485848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1049896]
"UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-10-06 210216]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePDIRShortCut"=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2009-09-08 468264]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-01-12 49208]
"NBHGui"=C:\Program Files\Nero\Tools\InCD\NBHGui.exe [2009-10-16 1600816]
"InCD"=C:\Program Files\Nero\Tools\InCD\InCD.exe [2009-10-16 1060136]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-23 13797920]
""= []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SSDMonitor"=C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2011-12-12 103896]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"Nikon Message Center 2"=C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-08-01 202032]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-22 30192]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-08-25 5188112]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... 732de4b468 []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-07-24 21653096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Amazon\AMAZON~1\\AMAZON~1.DLL"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=L3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.l3codecp"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"msacm.divxa32"=msaud32_divx.acm
"vidc.ffds"=ffdshow.ax
"msacm.ac3filter"=ac3filter.acm
"VIDC.FMVC"=fmcodec.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-09-05 14:31:58 ----A---- C:\vir.txt
2014-09-02 11:15:44 ----A---- C:\Windows\system32\win32k.sys
2014-09-02 11:15:43 ----A---- C:\Windows\system32\gdi32.dll
2014-08-28 13:11:37 ----D---- C:\ProgramData\Malwarebytes
2014-08-28 13:11:37 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-08-23 13:17:11 ----A---- C:\Windows\system32\sqlite3.dll
2014-08-23 13:14:19 ----D---- C:\AdwCleaner
2014-08-22 13:01:57 ----D---- C:\Program Files\trend micro
2014-08-22 13:01:56 ----D---- C:\rsit
2014-08-20 09:01:11 ----D---- C:\Program Files\Common Files\Skype
2014-08-19 08:35:24 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-19 08:35:23 ----A---- C:\Windows\system32\icardres.dll
2014-08-19 08:35:23 ----A---- C:\Windows\system32\icardagt.exe
2014-08-19 08:35:08 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-16 08:46:42 ----A---- C:\Windows\system32\msi.dll
2014-08-16 08:46:41 ----A---- C:\Windows\system32\msihnd.dll
2014-08-16 08:46:41 ----A---- C:\Windows\system32\consent.exe
2014-08-16 08:46:41 ----A---- C:\Windows\system32\authui.dll
2014-08-16 08:46:41 ----A---- C:\Windows\system32\appinfo.dll
2014-08-16 08:46:27 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-16 08:46:26 ----A---- C:\Windows\system32\cdd.dll
2014-08-16 08:46:17 ----A---- C:\Windows\system32\vbscript.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\wininet.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\jscript9.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\jscript.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\ieui.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-16 08:46:13 ----A---- C:\Windows\system32\mshtml.dll
2014-08-16 08:46:09 ----A---- C:\Windows\system32\urlmon.dll
2014-08-16 08:46:09 ----A---- C:\Windows\system32\mshta.exe
2014-08-16 08:46:09 ----A---- C:\Windows\system32\msfeedssync.exe
2014-08-16 08:46:09 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-08-16 08:46:09 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-16 08:46:08 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-16 08:46:08 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-16 08:46:07 ----A---- C:\Windows\system32\url.dll
2014-08-16 08:46:07 ----A---- C:\Windows\system32\iertutil.dll
2014-08-16 08:46:07 ----A---- C:\Windows\system32\ieframe.dll
2014-08-16 08:45:51 ----A---- C:\Windows\system32\tzres.dll
======List of files/folders modified in the last 1 month======
2014-09-08 07:20:57 ----D---- C:\Windows\Temp
2014-09-08 07:20:29 ----D---- C:\Windows\Prefetch
2014-09-08 07:13:38 ----D---- C:\Windows\system32\drivers
2014-09-08 07:11:25 ----D---- C:\ProgramData\MFAData
2014-09-08 07:07:57 ----A---- C:\ProgramData\hpqp.ini
2014-09-06 04:50:05 ----AD---- C:\ProgramData\Temp
2014-09-06 02:05:26 ----SHD---- C:\System Volume Information
2014-09-06 00:37:00 ----D---- C:\Windows\system32\catroot2
2014-09-05 14:57:34 ----D---- C:\Users\Moris Jan\AppData\Roaming\Skype
2014-09-05 14:53:19 ----D---- C:\Windows
2014-09-05 14:51:20 ----SHD---- C:\Config.Msi
2014-09-05 14:23:51 ----HD---- C:\ProgramData
2014-09-05 10:52:21 ----SHD---- C:\Windows\Installer
2014-09-04 17:16:28 ----D---- C:\Windows\Tasks
2014-09-04 17:14:27 ----D---- C:\Windows\inf
2014-09-02 11:41:44 ----D---- C:\Windows\System32
2014-09-02 11:21:09 ----D---- C:\Windows\winsxs
2014-09-02 11:20:27 ----D---- C:\Windows\system32\catroot
2014-08-29 18:16:21 ----D---- C:\Windows\system32\Tasks
2014-08-28 13:11:37 ----D---- C:\Program Files
2014-08-23 13:18:11 ----D---- C:\Program Files\Mozilla Firefox
2014-08-23 13:17:39 ----D---- C:\Program Files\Common Files
2014-08-20 09:01:19 ----D---- C:\ProgramData\Skype
2014-08-19 16:33:11 ----D---- C:\Windows\Microsoft.NET
2014-08-19 16:30:18 ----RSD---- C:\Windows\assembly
2014-08-19 14:00:11 ----D---- C:\Windows\rescache
2014-08-19 09:40:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-19 09:28:30 ----D---- C:\Windows\system32\sk-SK
2014-08-19 09:28:30 ----D---- C:\Windows\system32\cs-CZ
2014-08-19 09:28:21 ----D---- C:\Windows\system32\en-US
2014-08-19 09:28:05 ----D---- C:\Windows\system32\migration
2014-08-19 09:28:04 ----D---- C:\Program Files\Internet Explorer
2014-08-19 09:11:51 ----D---- C:\Windows\system32\MRT
2014-08-19 08:47:15 ----A---- C:\Windows\system32\mrt.exe
2014-08-11 08:39:35 ----D---- C:\ProgramData\AVG2014
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2014-08-06 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2014-06-30 121624]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2014-07-21 200984]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
R1 InCDRec;Nero UDF File System Recognizer Driver; C:\Windows\system32\DRIVERS\InCDRec.sys [2009-10-16 19096]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 InCDFs;Nero UDF File System Driver; C:\Windows\system32\DRIVERS\InCDFs.sys [2009-10-16 130200]
R3 InCDPass;Nero InCDPass Driver; C:\Windows\system32\DRIVERS\InCDPass.sys [2009-10-16 48280]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-09 43040]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-23 9791072]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-25 14848]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-03-14 47360]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-04-23 64512]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199344]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2011-03-25 94336]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2008-01-21 11264]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 InCDSrv;InCD Helper; C:\Program Files\Nero\Tools\InCD\InCDSrv.exe [2009-10-16 1420592]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-30 935208]
R2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe [2009-10-16 53560]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2; C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [2011-12-20 196904]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-23 211488]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-12-12 793048]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-10-06 365952]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-09-15 241734]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-12 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-11 262320]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-22 30192]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-12 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-31 119408]
S3 NtmsSvc;@%SystemRoot%\system32\ntmssvc.dll,-2; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\Windows\System32\tlntsvr.exe [2009-04-11 71168]
-----------------EOF-----------------
Run by Moris Jan at 2014-09-08 07:19:57
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 100 GB (34%) free of 297 GB
Total RAM: 1790 MB (13% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:21:23, on 8.9.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16563)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Nero\Tools\InCD\NBHGui.exe
C:\Program Files\Nero\Tools\InCD\InCD.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Moris Jan\Downloads\RSIT.exe
C:\Program Files\trend micro\Moris Jan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: cenbho32.TCentrumCZBHOObject - {C91BA35D-6516-489F-A203-2992ED9A4132} - C:\Program Files\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Lišta Centrum.cz - {5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - C:\Program Files\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NBHGui] C:\Program Files\Nero\Tools\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Tools\InCD\InCD.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... 732de4b468
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User '?')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - (no file)
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - (no file)
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - (no file)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Amazon\AMAZON~1\\AMAZON~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDSrv) - Nero AG - C:\Program Files\Nero\Tools\InCD\InCDSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 10521 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf94fa94710a2e.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\NeroLiveEpgUpdate-MorisJan-PC_Moris-Jan.job - C:\Program Files\Nero\Nero 9\Nero Live\NeroLive.exe /silentepgupdate
=========Mozilla firefox=========
ProfilePath - C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "about:home"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nitropdf.com/NitroPDF]
"Description"=NitroPDF Web Browser Plugin
"Path"=C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
nppdf32.dll
C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\
artur.dubovoy@gmail.com
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll [2013-01-23 485848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-16 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - Lišta Centrum.cz - C:\Program Files\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll [2013-01-23 485848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1049896]
"UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-10-06 210216]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePDIRShortCut"=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2009-09-08 468264]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-01-12 49208]
"NBHGui"=C:\Program Files\Nero\Tools\InCD\NBHGui.exe [2009-10-16 1600816]
"InCD"=C:\Program Files\Nero\Tools\InCD\InCD.exe [2009-10-16 1060136]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-23 13797920]
""= []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SSDMonitor"=C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2011-12-12 103896]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"Nikon Message Center 2"=C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-08-01 202032]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-22 30192]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-08-25 5188112]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... 732de4b468 []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-07-24 21653096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Amazon\AMAZON~1\\AMAZON~1.DLL"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=L3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.l3codecp"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"msacm.divxa32"=msaud32_divx.acm
"vidc.ffds"=ffdshow.ax
"msacm.ac3filter"=ac3filter.acm
"VIDC.FMVC"=fmcodec.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-09-05 14:31:58 ----A---- C:\vir.txt
2014-09-02 11:15:44 ----A---- C:\Windows\system32\win32k.sys
2014-09-02 11:15:43 ----A---- C:\Windows\system32\gdi32.dll
2014-08-28 13:11:37 ----D---- C:\ProgramData\Malwarebytes
2014-08-28 13:11:37 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-08-23 13:17:11 ----A---- C:\Windows\system32\sqlite3.dll
2014-08-23 13:14:19 ----D---- C:\AdwCleaner
2014-08-22 13:01:57 ----D---- C:\Program Files\trend micro
2014-08-22 13:01:56 ----D---- C:\rsit
2014-08-20 09:01:11 ----D---- C:\Program Files\Common Files\Skype
2014-08-19 08:35:24 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-19 08:35:23 ----A---- C:\Windows\system32\icardres.dll
2014-08-19 08:35:23 ----A---- C:\Windows\system32\icardagt.exe
2014-08-19 08:35:08 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-16 08:46:42 ----A---- C:\Windows\system32\msi.dll
2014-08-16 08:46:41 ----A---- C:\Windows\system32\msihnd.dll
2014-08-16 08:46:41 ----A---- C:\Windows\system32\consent.exe
2014-08-16 08:46:41 ----A---- C:\Windows\system32\authui.dll
2014-08-16 08:46:41 ----A---- C:\Windows\system32\appinfo.dll
2014-08-16 08:46:27 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-16 08:46:26 ----A---- C:\Windows\system32\cdd.dll
2014-08-16 08:46:17 ----A---- C:\Windows\system32\vbscript.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\wininet.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\jscript9.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\jscript.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\ieui.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-16 08:46:16 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-16 08:46:13 ----A---- C:\Windows\system32\mshtml.dll
2014-08-16 08:46:09 ----A---- C:\Windows\system32\urlmon.dll
2014-08-16 08:46:09 ----A---- C:\Windows\system32\mshta.exe
2014-08-16 08:46:09 ----A---- C:\Windows\system32\msfeedssync.exe
2014-08-16 08:46:09 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-08-16 08:46:09 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-16 08:46:08 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-16 08:46:08 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-16 08:46:07 ----A---- C:\Windows\system32\url.dll
2014-08-16 08:46:07 ----A---- C:\Windows\system32\iertutil.dll
2014-08-16 08:46:07 ----A---- C:\Windows\system32\ieframe.dll
2014-08-16 08:45:51 ----A---- C:\Windows\system32\tzres.dll
======List of files/folders modified in the last 1 month======
2014-09-08 07:20:57 ----D---- C:\Windows\Temp
2014-09-08 07:20:29 ----D---- C:\Windows\Prefetch
2014-09-08 07:13:38 ----D---- C:\Windows\system32\drivers
2014-09-08 07:11:25 ----D---- C:\ProgramData\MFAData
2014-09-08 07:07:57 ----A---- C:\ProgramData\hpqp.ini
2014-09-06 04:50:05 ----AD---- C:\ProgramData\Temp
2014-09-06 02:05:26 ----SHD---- C:\System Volume Information
2014-09-06 00:37:00 ----D---- C:\Windows\system32\catroot2
2014-09-05 14:57:34 ----D---- C:\Users\Moris Jan\AppData\Roaming\Skype
2014-09-05 14:53:19 ----D---- C:\Windows
2014-09-05 14:51:20 ----SHD---- C:\Config.Msi
2014-09-05 14:23:51 ----HD---- C:\ProgramData
2014-09-05 10:52:21 ----SHD---- C:\Windows\Installer
2014-09-04 17:16:28 ----D---- C:\Windows\Tasks
2014-09-04 17:14:27 ----D---- C:\Windows\inf
2014-09-02 11:41:44 ----D---- C:\Windows\System32
2014-09-02 11:21:09 ----D---- C:\Windows\winsxs
2014-09-02 11:20:27 ----D---- C:\Windows\system32\catroot
2014-08-29 18:16:21 ----D---- C:\Windows\system32\Tasks
2014-08-28 13:11:37 ----D---- C:\Program Files
2014-08-23 13:18:11 ----D---- C:\Program Files\Mozilla Firefox
2014-08-23 13:17:39 ----D---- C:\Program Files\Common Files
2014-08-20 09:01:19 ----D---- C:\ProgramData\Skype
2014-08-19 16:33:11 ----D---- C:\Windows\Microsoft.NET
2014-08-19 16:30:18 ----RSD---- C:\Windows\assembly
2014-08-19 14:00:11 ----D---- C:\Windows\rescache
2014-08-19 09:40:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-19 09:28:30 ----D---- C:\Windows\system32\sk-SK
2014-08-19 09:28:30 ----D---- C:\Windows\system32\cs-CZ
2014-08-19 09:28:21 ----D---- C:\Windows\system32\en-US
2014-08-19 09:28:05 ----D---- C:\Windows\system32\migration
2014-08-19 09:28:04 ----D---- C:\Program Files\Internet Explorer
2014-08-19 09:11:51 ----D---- C:\Windows\system32\MRT
2014-08-19 08:47:15 ----A---- C:\Windows\system32\mrt.exe
2014-08-11 08:39:35 ----D---- C:\ProgramData\AVG2014
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2014-08-06 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2014-06-30 121624]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2014-07-21 200984]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
R1 InCDRec;Nero UDF File System Recognizer Driver; C:\Windows\system32\DRIVERS\InCDRec.sys [2009-10-16 19096]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 InCDFs;Nero UDF File System Driver; C:\Windows\system32\DRIVERS\InCDFs.sys [2009-10-16 130200]
R3 InCDPass;Nero InCDPass Driver; C:\Windows\system32\DRIVERS\InCDPass.sys [2009-10-16 48280]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-09 43040]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-23 9791072]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-25 14848]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-03-14 47360]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-04-23 64512]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199344]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2011-03-25 94336]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2008-01-21 11264]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 InCDSrv;InCD Helper; C:\Program Files\Nero\Tools\InCD\InCDSrv.exe [2009-10-16 1420592]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-30 935208]
R2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe [2009-10-16 53560]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2; C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [2011-12-20 196904]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-23 211488]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-12-12 793048]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-10-06 365952]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-09-15 241734]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-12 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-11 262320]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-22 30192]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-12 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-31 119408]
S3 NtmsSvc;@%SystemRoot%\system32\ntmssvc.dll,-2; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\Windows\System32\tlntsvr.exe [2009-04-11 71168]
-----------------EOF-----------------
Re: Pomaly notebook vyskakuji okna
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pomaly notebook vyskakuji okna
OTL logfile created on: 8.9.2014 18:01:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Moris Jan\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,75 Gb Total Physical Memory | 0,63 Gb Available Physical Memory | 35,78% Memory free
3,74 Gb Paging File | 2,34 Gb Available in Paging File | 62,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289,62 Gb Total Space | 98,72 Gb Free Space | 34,08% Space Free | Partition Type: NTFS
Drive D: | 8,47 Gb Total Space | 1,59 Gb Free Space | 18,82% Space Free | Partition Type: NTFS
Computer Name: MORISJAN-PC | User Name: Moris Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014.09.08 17:59:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Moris Jan\Desktop\OTL.exe
PRC - [2014.08.25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe
PRC - [2014.08.25 11:40:08 | 000,846,864 | ---- | M] (AVG Technologies CZ, s.r.o.) -- c:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2014.08.25 11:39:18 | 000,643,088 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2014.08.25 11:39:12 | 000,838,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2014.08.25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2014.08.25 11:37:18 | 005,188,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2014.08.25 11:31:58 | 000,657,936 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe
PRC - [2014.07.31 11:04:26 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.12.18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.12.20 11:11:46 | 000,196,904 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
PRC - [2011.12.12 14:07:00 | 000,793,048 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2011.12.12 14:06:58 | 000,103,896 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2009.10.16 10:44:18 | 000,053,560 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe
PRC - [2009.10.16 10:44:14 | 001,600,816 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Tools\InCD\NBHGui.exe
PRC - [2009.10.16 10:44:10 | 001,420,592 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Tools\InCD\InCDSrv.exe
PRC - [2009.10.16 10:44:06 | 001,060,136 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Tools\InCD\InCD.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.10.06 10:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe
PRC - [2008.09.30 12:48:28 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2007.09.14 07:02:10 | 001,080,264 | ---- | M] (C. Ghisler & Co.) -- C:\totalcmd\TOTALCMD.EXE
PRC - [2007.02.20 11:07:40 | 000,199,752 | ---- | M] (Pinnacle Systems GmbH) -- C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
========== Modules (No Company Name) ==========
MOD - [2014.07.31 11:04:21 | 003,800,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2009.09.08 15:18:26 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll
========== Services (SafeList) ==========
SRV - [2014.08.25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014.08.25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014.07.31 11:04:22 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.07.11 16:00:31 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.10.23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.12.20 11:11:46 | 000,196,904 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe -- (NitroReaderDriverReadSpool2)
SRV - [2011.12.12 14:07:00 | 000,793,048 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010.04.21 19:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010.04.21 19:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009.10.16 10:44:18 | 000,053,560 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe -- (NeroRegInCDSrv)
SRV - [2009.10.16 10:44:10 | 001,420,592 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Tools\InCD\InCDSrv.exe -- (InCDSrv)
SRV - [2009.04.11 08:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2008.10.06 10:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008.09.30 12:48:28 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008.02.03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [File_System | On_Demand | Running] -- C:\Windows\system32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2014.08.06 10:49:48 | 000,098,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2014.07.21 21:03:22 | 000,200,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2014.06.30 12:43:12 | 000,121,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2014.06.17 16:22:02 | 000,188,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2014.06.17 16:21:22 | 000,197,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2014.06.17 16:18:00 | 000,241,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2014.06.17 16:17:58 | 000,147,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2014.06.17 16:06:22 | 000,027,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2014.06.17 16:06:20 | 000,021,272 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011.03.25 14:35:19 | 000,094,336 | ---- | M] (ITE ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IT9135BDA.sys -- (IT9135BDA)
DRV - [2010.01.27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2009.10.16 10:43:04 | 000,130,200 | ---- | M] (Nero AG) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\InCDFs.sys -- (InCDFs)
DRV - [2009.10.16 10:42:58 | 000,019,096 | ---- | M] (Nero AG) [File_System | System | Running] -- C:\Windows\System32\drivers\InCDRec.sys -- (InCDRec)
DRV - [2009.10.16 10:42:50 | 000,048,280 | ---- | M] (Nero AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2009.09.05 16:55:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.07.23 22:01:00 | 009,791,072 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.05.09 21:17:32 | 000,043,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.04.25 00:51:46 | 000,014,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008.01.29 15:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008.01.21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007.10.18 01:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.06.18 18:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2005.09.23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{89F0EFA3-627F-4666-B6B5-BA622E51008A}: "URL" = http://slirsredirect.search.aol.com/sli ... bie7-cs-cz
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes\{B5088F42-2168-4891-AAEC-D56D305F9798}: "URL" = http://www.bing.com/search?FORM=DCF4DF& ... -SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-18\..\SearchScopes\{B5088F42-2168-4891-AAEC-D56D305F9798}: "URL" = http://www.bing.com/search?FORM=DCF4DF& ... -SearchBox
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Moris Jan\Desktop
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultScope = {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A}
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com/
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes,DefaultScope = AE929DE2FC344FE08074098FBC9B928E
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\{04610950-1FB7-4B21-9EA4-4E53D2912793}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_12454
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\{252E6241-9506-4A49-B439-DAC7FC915E1B}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2737658
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\{2BDB178A-DE3D-44EE-85C1-566ADEF0D457}: "URL" = http://www2.inbox.com/search/dispatcher ... 923&lng=cs
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\{3EC4DBFF-46C7-4964-AB26-60E942F7387C}: "URL" = http://encyklopedie.seznam.cz/search?s= ... rer:source?}
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\{89F0EFA3-627F-4666-B6B5-BA622E51008A}: "URL" = http://slirsredirect.search.aol.com/sli ... bie7-cs-cz
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\AE929DE2FC344FE08074098FBC9B928E: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_12454
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Moris Jan\Desktop
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultScope = {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A}
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com/
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope = AE929DE2FC344FE08074098FBC9B928E
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{04610950-1FB7-4B21-9EA4-4E53D2912793}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_12454
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{252E6241-9506-4A49-B439-DAC7FC915E1B}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2737658
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{2BDB178A-DE3D-44EE-85C1-566ADEF0D457}: "URL" = http://www2.inbox.com/search/dispatcher ... 923&lng=cs
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{3EC4DBFF-46C7-4964-AB26-60E942F7387C}: "URL" = http://encyklopedie.seznam.cz/search?s= ... rer:source?}
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{89F0EFA3-627F-4666-B6B5-BA622E51008A}: "URL" = http://slirsredirect.search.aol.com/sli ... bie7-cs-cz
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\AE929DE2FC344FE08074098FBC9B928E: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_12454
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Amazon "
FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: lmnPopVideo%40lshai.com:0.6.8
FF - prefs.js..extensions.enabledAddons: 1clickImageDownloadOverlay%40final.ca:1.3
FF - prefs.js..extensions.enabledAddons: %7B46551EC9-40F0-4e47-8E18-8E5CF550CFB8%7D:1.4.3
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:6.1.2
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.24
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014.08.23 13:18:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014.07.31 11:04:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014.08.23 13:18:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014.07.31 11:04:01 | 000,000,000 | ---D | M]
[2013.10.11 18:48:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\Extensions
[2014.09.08 07:29:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\Firefox\Profiles\cvcp5k1n.default\extensions
[2014.09.06 09:27:10 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014.08.01 10:05:36 | 000,000,000 | ---D | M] ("Flash Video Downloader - YouTube Full HD Download") -- C:\Users\Moris Jan\AppData\Roaming\mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com
[2011.12.27 16:41:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\Firefox\Profiles\ebkpavo6.default\extensions
[2011.12.27 16:41:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\Firefox\Profiles\g2yn5piz.default\extensions
[2014.08.23 13:18:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\Firefox\Profiles\uu7klb0j.default\extensions
[2010.06.22 15:40:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\Firefox\Profiles\uu7klb0j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2014.01.10 19:33:14 | 000,006,324 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\1clickImageDownloadOverlay@final.ca.xpi
[2014.09.05 00:03:57 | 000,201,091 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi
[2014.05.15 16:43:34 | 000,395,854 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\ffext_basicvideoext@startpage24.xpi
[2014.02.19 19:13:52 | 000,020,112 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\jid0-HbNL9qqBkuuKRhJ9ncTonCky1HU@jetpack.xpi
[2014.09.08 07:29:14 | 000,026,047 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\jid1-9tZMAIdeuiEjHg@jetpack.xpi
[2013.10.18 18:22:45 | 000,039,858 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\lmnPopVideo@lshai.com.xpi
[2014.05.02 10:44:14 | 000,293,729 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
[2014.08.23 13:39:29 | 000,135,503 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi
[2014.09.08 07:29:16 | 000,020,016 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
[2014.05.02 06:58:55 | 000,731,942 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2014.08.23 13:18:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014.07.31 11:03:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.07.31 11:04:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - homepage: http://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Dokumenty Google = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhledávánà Google = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: TheTorntv V10 = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\giccehglhacakcfemddmfhdkahamfcmd\16098.1852.9732_0\
CHR - Extension: Pen\u011b\u017eenka Google = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Gmail = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Lišta Centrum.cz - pomocný objekt) - {C91BA35D-6516-489F-A203-2992ED9A4132} - C:\Program Files\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll ()
O3 - HKLM\..\Toolbar: (Lišta Centrum.cz) - {5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - C:\Program Files\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O3 - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O3 - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Tools\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [NBHGui] C:\Program Files\Nero\Tools\InCD\NBHGui.exe (Nero AG)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files\Seznam.cz\distribution\szninstall.exe ()
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O9 - Extra Button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.200.48.55 81.200.48.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4EF9B73C-55A3-4B98-B1CD-E32AF3A1632C}: DhcpNameServer = 81.200.48.48 81.200.48.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7FF104A8-E3F9-4083-995F-860022E3F39E}: DhcpNameServer = 81.200.48.55 81.200.48.11
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Amazon\AMAZON~1\\AMAZON~1.DLL) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Moris Jan\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Moris Jan\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a5b33ade-02d3-11e0-bfee-001f1668b880}\Shell - "" = Autorun
O33 - MountPoints2\{a5b33ade-02d3-11e0-bfee-001f1668b880}\Shell\AutoRun\command - "" = F:\Install_Nokia_Ovi_Suite.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\Windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\Windows\System32\ffdshow.ax ()
Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014.09.08 17:59:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Moris Jan\Desktop\OTL.exe
[2014.09.02 11:15:44 | 002,054,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014.08.28 13:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014.08.28 13:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.08.23 13:17:11 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2014.08.23 13:14:19 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.08.22 13:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.08.22 13:01:56 | 000,000,000 | ---D | C] -- C:\rsit
[2014.08.20 09:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014.08.19 08:35:24 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2014.08.19 08:35:23 | 000,619,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2014.08.19 08:35:23 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2014.08.19 08:35:08 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2014.08.16 08:46:41 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2014.08.16 08:46:41 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2014.08.16 08:46:41 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2014.08.16 08:46:26 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2014.08.16 08:46:16 | 001,810,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014.08.16 08:46:16 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014.08.16 08:46:16 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014.08.16 08:46:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014.08.16 08:46:09 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014.08.16 08:46:09 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014.08.16 08:46:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014.08.16 08:46:08 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014.08.16 08:46:08 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014.08.16 08:46:08 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014.08.16 08:46:08 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014.08.16 08:46:07 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014.08.16 08:45:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.03.14 10:59:23 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Moris Jan\AppData\Roaming\pcouffin.sys
[7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014.09.08 18:06:08 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.09.08 17:59:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Moris Jan\Desktop\OTL.exe
[2014.09.08 17:54:28 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.09.08 17:54:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014.09.08 17:54:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014.09.08 17:54:04 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.09.08 17:54:03 | 000,119,855 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2014.09.08 17:53:57 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf94fa94710a2e.job
[2014.09.08 17:53:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.09.08 07:07:57 | 000,000,250 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2014.09.08 07:05:46 | 000,119,855 | ---- | M] () -- C:\ProgramData\nvModes.001
[2014.09.08 07:05:35 | 1877,274,624 | -HS- | M] () -- C:\hiberfil.sys
[2014.09.06 00:13:58 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\NeroLiveEpgUpdate-MorisJan-PC_Moris-Jan.job
[2014.09.05 10:46:07 | 000,000,814 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014.09.02 11:56:01 | 000,439,624 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014.08.23 13:12:35 | 001,364,531 | ---- | M] () -- C:\Users\Moris Jan\Desktop\adwcleaner_3.308.exe
[2014.08.23 01:26:28 | 002,054,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014.08.19 09:40:42 | 000,687,182 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.08.19 09:40:42 | 000,673,968 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.08.19 09:40:42 | 000,154,186 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.08.19 09:40:42 | 000,132,854 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.09.08 18:06:08 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.08.23 13:12:34 | 001,364,531 | ---- | C] () -- C:\Users\Moris Jan\Desktop\adwcleaner_3.308.exe
[2013.09.08 13:54:55 | 000,000,097 | ---- | C] () -- C:\Users\Moris Jan\AppData\Local\fusioncache.dat
[2013.07.15 19:41:46 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Contents
[2013.07.15 19:41:46 | 000,000,268 | RH-- | C] () -- C:\Users\Moris Jan\AppData\Roaming\Compressor
[2013.07.15 19:41:46 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2013.07.15 19:41:46 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Digital Light
[2013.07.15 19:40:09 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Contextual Menu Items
[2013.07.15 19:40:09 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Console
[2013.07.15 19:40:09 | 000,000,268 | RH-- | C] () -- C:\Users\Moris Jan\AppData\Roaming\Conditionals
[2013.07.15 19:40:09 | 000,000,268 | RH-- | C] () -- C:\Users\Moris Jan\AppData\Roaming\Components
[2013.07.15 19:40:09 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2013.07.15 19:40:09 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2013.07.15 19:40:09 | 000,000,012 | RH-- | C] () -- C:\ProgramData\DirectoryService
[2013.07.15 19:37:57 | 000,000,268 | RH-- | C] () -- C:\Users\Moris Jan\AppData\Roaming\Desktop Pictures
[2013.07.15 19:37:57 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLeo.DAT
[2013.07.15 19:37:57 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Filters
[2013.07.15 19:37:57 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Dictionaries
[2012.10.23 16:49:51 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2010.03.14 11:02:03 | 000,001,041 | ---- | C] () -- C:\Users\Moris Jan\AppData\Roaming\vso_ts_preview.xml
[2010.03.14 10:59:23 | 000,087,608 | ---- | C] () -- C:\Users\Moris Jan\AppData\Roaming\inst.exe
[2010.03.14 10:59:23 | 000,007,887 | ---- | C] () -- C:\Users\Moris Jan\AppData\Roaming\pcouffin.cat
[2010.03.14 10:59:23 | 000,001,144 | ---- | C] () -- C:\Users\Moris Jan\AppData\Roaming\pcouffin.inf
[2009.10.04 20:43:50 | 000,000,418 | ---- | C] () -- C:\Users\Moris Jan\AppData\Roaming\wklnhst.dat
[2009.09.19 18:23:09 | 000,024,206 | ---- | C] () -- C:\Users\Moris Jan\AppData\Roaming\UserTile.png
[2009.08.03 20:49:16 | 000,000,080 | ---- | C] () -- C:\Users\Moris Jan\AppData\Roaming\downloads.m3u
[2009.07.26 23:56:11 | 000,000,029 | ---- | C] () -- C:\Users\Moris Jan\AppData\Roaming\default.rss
[2009.07.22 18:33:38 | 000,119,855 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.07.22 17:44:03 | 000,119,855 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.07.22 17:40:13 | 000,007,808 | ---- | C] () -- C:\Users\Moris Jan\AppData\Local\d3d9caps.dat
[2009.07.07 16:42:08 | 000,196,096 | ---- | C] () -- C:\Users\Moris Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.04 01:52:16 | 000,000,250 | ---- | C] () -- C:\ProgramData\hpqp.ini
========== ZeroAccess Check ==========
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 15:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.02.14 20:30:26 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.02.14 20:30:26 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2014.03.14 22:14:54 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Allmyapps
[2012.01.06 20:58:43 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Applian FLV and Media Player
[2013.03.18 15:59:05 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Ashampoo
[2014.06.11 17:14:27 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Audacity
[2013.12.11 20:16:48 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\AVG
[2013.09.25 19:04:34 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\AVG2014
[2010.07.18 10:14:59 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\AviDvdBurner
[2013.03.18 15:49:11 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Broad Intelligence
[2010.08.06 15:31:03 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\CBS Interactive
[2011.12.31 17:56:00 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\com.w3i.FlipToast
[2010.08.13 22:20:14 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\CoolFlvMan
[2010.08.13 22:19:15 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\CoolYouTubeDownloader
[2013.03.19 19:19:44 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Delfyn Software
[2013.02.27 20:45:53 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Downloaded Installations
[2012.11.24 18:49:38 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Dream Aquarium
[2012.05.20 18:01:26 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Free Audio Editor
[2012.05.12 20:18:24 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Get from YouTube
[2013.12.04 01:28:46 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\GHISLER
[2012.05.12 20:21:36 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Import Audio from Video
[2013.03.16 19:36:53 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\ImTOO
[2013.11.16 13:35:00 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\ipla
[2009.07.16 16:00:58 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\IrfanView
[2010.03.02 17:49:10 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Leawo
[2013.09.07 19:14:58 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Nico Mak Computing
[2013.07.15 19:49:38 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Nikon
[2014.01.04 14:13:49 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Nitro PDF
[2011.04.08 17:10:40 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\OpenOffice.org
[2010.05.16 20:21:04 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\PeerNetworking
[2014.04.12 08:13:02 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\PhotoScape
[2013.04.13 13:17:55 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Seznam.cz
[2009.10.04 21:13:30 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Template
[2013.07.22 19:48:49 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\TuneUp Software
[2009.11.08 20:30:21 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\uTorrent
[2011.02.09 17:29:16 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\VeskrnaMartin
[2014.07.29 14:41:01 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Vso
[2012.08.10 15:17:41 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\XnView
[2013.03.01 19:57:19 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\YouTube Downloader
[2014.04.12 06:33:18 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Zoner
[2013.02.14 20:30:26 | 000,000,000 | ---D | M] -- C:\Users\TEMP\AppData\Roaming\TuneUp Software
[2013.02.14 20:30:26 | 000,000,000 | ---D | M] -- C:\Users\TEMP.MorisJan-PC\AppData\Roaming\TuneUp Software
========== Purity Check ==========
========== Custom Scans ==========
< >
[2006.11.02 15:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 15:01:49 | 000,032,560 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.08.08 17:39:07 | 000,000,378 | ---- | C] () -- C:\Windows\Tasks\NeroLiveEpgUpdate-MorisJan-PC_Moris-Jan.job
[2012.04.07 06:24:01 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.04.12 07:50:37 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.07.01 09:03:37 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf94fa94710a2e.job
< >
< MD5 for: AGP440.SYS >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.11.22 13:21:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7f3e4ed9\atapi.sys
[2008.11.22 13:21:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_dd6376773aedb5e4\atapi.sys
[2008.11.22 13:21:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b7393fc6\atapi.sys
[2008.11.22 13:21:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_dbb74a7b3d9afbc1\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 04:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2013.10.03 15:16:48 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=165E9D93A84A7F55EBEEB1B554110680 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23235_none_78542a95b127239a\cryptsvc.dll
[2013.04.24 06:00:30 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=3EDE4C1F9672C972479201544969ADCB -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18831_none_77c6b0b4980cf0e4\cryptsvc.dll
[2013.04.17 14:30:06 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=58CEF2D243575512657452B9E89A2E1F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18827_none_77d7825c97ff6cfd\cryptsvc.dll
[2013.07.08 06:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=684C130BBC6DB681BAD4920A4C944AA5 -- C:\Windows\System32\cryptsvc.dll
[2013.07.08 06:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=684C130BBC6DB681BAD4920A4C944AA5 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18881_none_7790a11898357c99\cryptsvc.dll
[2008.01.21 04:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2012.04.23 18:00:53 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=75C6A297E364014840B48ECCD7525E30 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[2013.07.08 04:50:53 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=828805E2E7F529B24849AD52740288DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23154_none_783d888db13844fe\cryptsvc.dll
[2012.04.23 16:48:06 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=C979AEA8C4D8F875CD25507D08980006 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[2013.04.17 13:28:51 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=CC8E2C87016A07892B5448D764BF8A30 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23097_none_781547d5b15603a0\cryptsvc.dll
[2012.06.02 13:09:26 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=DD9CCF40ED80DD0D62F1B607A1EA4449 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll
[2012.06.02 02:02:32 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=F1E8C34892336D33EDDCDFE44E474F64 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[2013.04.24 05:46:45 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=FBE051C07C3D2B9011ECB1C7A73120C1 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23101_none_7870974bb1126d44\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2007.05.17 22:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: HAL.DLL >
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll
< MD5 for: IASTORV.SYS >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2012.06.02 00:37:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=613DEB66A91820F0A41915B40BB8833F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\System32\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2011.11.16 15:57:04 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=EBFAEB786C46B407930811F94F08877D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe
[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
< MD5 for: NDIS.SYS >
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008.01.21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVRAID.SYS >
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: SMSS.EXE >
[2013.07.08 03:18:50 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=18CE0D0DCB7AF0D3E67ECF12BDE1382D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23154_none_ae7897262f9a96cf\smss.exe
[2013.03.09 03:16:53 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=44A40B18D9F6315D35F4539A41ECDE0D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23076_none_ae64f5fc2fa90438\smss.exe
[2008.01.21 04:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2013.05.02 03:27:42 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=AF2F8F104F119DD10AFA8B54A006F1B6 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23103_none_aeada6782f72f1c3\smss.exe
[2013.03.09 03:28:08 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=BE7480C91E89EB82FC080F772C220AE4 -- C:\Windows\System32\smss.exe
[2013.03.09 03:28:08 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=BE7480C91E89EB82FC080F772C220AE4 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18805_none_ae2630391653543e\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.01.21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.11.22 13:19:06 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2013.05.08 05:40:36 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=078218D74C4EFC2CE7E4C6DF22A94F2F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23106_none_b59411ab7ca4df04\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011.09.20 23:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2012.03.30 14:39:11 | 000,905,600 | ---- | M] (Microsoft Corporation) MD5=27D470DABC77BC60D0A3B0E4DEB6CB91 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2013.01.04 13:28:19 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=3535CD93F944C00F098E73E12EE7FEB6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23013_none_b5863efb7cafb1c9\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2013.05.08 06:37:21 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=548E198BAE21EFC21F8B5F0C1728AD27 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18835_none_b4e92aca63a0494d\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2013.07.05 05:20:37 | 000,914,880 | ---- | M] (Microsoft Corporation) MD5=6D0D344F643E28B31262AC2682109A3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23152_none_b55a00e77cd1055d\tcpip.sys
[2013.01.04 13:28:18 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=74E2D020C47BB2B2FCCBA29A518A7EB4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18764_none_b4c7b8d663b986a2\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011.09.20 23:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2008.11.22 13:19:06 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2014.04.05 05:23:10 | 000,915,392 | ---- | M] (Microsoft Corporation) MD5=A4196D394207369E1431E8681B373312 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23370_none_b54264477ce304df\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2014.04.05 04:42:27 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=C7B0746FCD576D7EEBA6A2530B0B2966 -- C:\Windows\System32\drivers\tcpip.sys
[2014.04.05 04:42:27 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=C7B0746FCD576D7EEBA6A2530B0B2966 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.19080_none_b4adf3c463cd86b8\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2013.07.05 06:53:33 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=D18D53974FD715D50FC76F9FFE1C830D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18880_none_b4ae19bc63cd564f\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2012.03.30 14:39:11 | 000,914,304 | ---- | M] (Microsoft Corporation) MD5=EE7E10BED85C312C1D5D30C435BDDA9F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
[2008.01.21 04:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.01.21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008.01.21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[214 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[52 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp -> ]
[7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[20 C:\Windows\System32\config\systemprofile\AppData\Local\Avg2014\temp\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Avg2014\temp\*.tmp -> ]
[2 C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp -> ]
[6 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.08.10 15:30:26 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Adobe
[2012.05.03 16:46:22 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Ahead
[2014.03.14 22:14:54 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Allmyapps
[2012.01.06 20:58:43 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Applian FLV and Media Player
[2013.07.15 17:59:16 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\ArcSoft
[2013.03.18 15:59:05 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Ashampoo
[2014.06.11 17:14:27 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Audacity
[2013.12.11 20:16:48 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\AVG
[2013.09.25 19:04:34 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\AVG2014
[2010.07.18 10:14:59 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\AviDvdBurner
[2013.03.18 15:49:11 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Broad Intelligence
[2010.08.06 15:31:03 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\CBS Interactive
[2011.12.31 17:56:00 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\com.w3i.FlipToast
[2010.08.13 22:20:14 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\CoolFlvMan
[2010.08.13 22:19:15 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\CoolYouTubeDownloader
[2009.11.28 13:23:50 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\CyberLink
[2013.03.19 19:19:44 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Delfyn Software
[2013.02.27 20:45:53 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Downloaded Installations
[2012.11.24 18:49:38 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Dream Aquarium
[2013.03.27 18:43:31 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\dvdcss
[2012.05.20 18:01:26 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Free Audio Editor
[2012.05.12 20:18:24 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Get from YouTube
[2013.12.04 01:28:46 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\GHISLER
[2011.02.05 12:30:28 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Google
[2011.01.06 16:33:55 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\GRETECH
[2010.04.30 19:16:44 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Hewlett-Packard
[2013.12.12 20:54:42 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\HpUpdate
[2009.07.07 15:35:07 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Identities
[2012.05.12 20:21:36 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Import Audio from Video
[2013.03.16 19:36:53 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\ImTOO
[2013.07.05 20:00:13 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\InstallShield
[2013.11.16 13:35:00 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\ipla
[2009.07.16 16:00:58 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\IrfanView
[2010.03.02 17:49:10 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Leawo
[2009.07.10 17:28:05 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Macromedia
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Media Center Programs
[2011.02.07 17:50:34 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Media Player Classic
[2013.11.17 10:14:58 | 000,000,000 | --SD | M] -- C:\Users\Moris Jan\AppData\Roaming\Microsoft
[2013.10.11 18:48:11 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Mozilla
[2011.02.21 17:47:53 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Nero
[2010.02.07 00:27:11 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\NeroDigital(TM)
[2013.09.07 19:14:58 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Nico Mak Computing
[2013.07.15 19:49:38 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Nikon
[2014.01.04 14:13:49 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Nitro PDF
[2011.04.08 17:10:40 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\OpenOffice.org
[2010.05.16 20:21:04 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\PeerNetworking
[2014.04.12 08:13:02 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\PhotoScape
[2012.05.27 16:57:55 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Real
[2013.04.13 13:17:55 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Seznam.cz
[2014.09.05 14:57:34 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Skype
[2011.07.03 12:40:28 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\skypePM
[2009.10.04 21:13:30 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Template
[2013.07.22 19:48:49 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\TuneUp Software
[2009.11.08 20:30:21 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\uTorrent
[2011.02.09 17:29:16 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\VeskrnaMartin
[2014.07.30 08:36:55 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\vlc
[2014.07.29 14:41:01 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Vso
[2009.09.18 14:47:08 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\WinRAR
[2012.08.10 15:17:41 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\XnView
[2013.03.01 19:57:19 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\YouTube Downloader
[2014.04.12 06:33:18 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2013.03.11 20:50:36 | 000,087,608 | ---- | M] () -- C:\Users\Moris Jan\AppData\Roaming\inst.exe
[2010.07.18 10:15:32 | 007,362,990 | ---- | M] (AviDvdBurner.com Inc. ) -- C:\Users\Moris Jan\AppData\Roaming\AviDvdBurner\AviDvdBurner_inst.exe
[2007.03.22 12:46:42 | 000,126,976 | ---- | M] () -- C:\Users\Moris Jan\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2011.12.31 17:50:52 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Moris Jan\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012.02.04 17:41:50 | 003,800,224 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Moris Jan\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2010.08.21 14:10:56 | 000,029,926 | R--- | M] () -- C:\Users\Moris Jan\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
[2013.07.15 19:42:56 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Moris Jan\AppData\Roaming\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
[2014.07.31 20:57:53 | 000,428,889 | ---- | M] () -- C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com\modules\ffmpeg\ffmpeg.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[7 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
[7 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.09.08 17:54:10 | 000,003,216 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014.09.08 17:54:10 | 000,003,216 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[7 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.21 04:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2014.07.24 19:55:56 | 021,653,096 | R--- | M] (Skype Technologies S.A.)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.09.08 18:06:08 | 000,000,512 | ---- | M] () MD5=A7F8A60C493C895DCE5F086DAE2DDF26 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Moris Jan\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,75 Gb Total Physical Memory | 0,63 Gb Available Physical Memory | 35,78% Memory free
3,74 Gb Paging File | 2,34 Gb Available in Paging File | 62,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289,62 Gb Total Space | 98,72 Gb Free Space | 34,08% Space Free | Partition Type: NTFS
Drive D: | 8,47 Gb Total Space | 1,59 Gb Free Space | 18,82% Space Free | Partition Type: NTFS
Computer Name: MORISJAN-PC | User Name: Moris Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014.09.08 17:59:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Moris Jan\Desktop\OTL.exe
PRC - [2014.08.25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe
PRC - [2014.08.25 11:40:08 | 000,846,864 | ---- | M] (AVG Technologies CZ, s.r.o.) -- c:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2014.08.25 11:39:18 | 000,643,088 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2014.08.25 11:39:12 | 000,838,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2014.08.25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2014.08.25 11:37:18 | 005,188,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2014.08.25 11:31:58 | 000,657,936 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe
PRC - [2014.07.31 11:04:26 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.12.18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.12.20 11:11:46 | 000,196,904 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
PRC - [2011.12.12 14:07:00 | 000,793,048 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2011.12.12 14:06:58 | 000,103,896 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2009.10.16 10:44:18 | 000,053,560 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe
PRC - [2009.10.16 10:44:14 | 001,600,816 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Tools\InCD\NBHGui.exe
PRC - [2009.10.16 10:44:10 | 001,420,592 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Tools\InCD\InCDSrv.exe
PRC - [2009.10.16 10:44:06 | 001,060,136 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Tools\InCD\InCD.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.10.06 10:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe
PRC - [2008.09.30 12:48:28 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2007.09.14 07:02:10 | 001,080,264 | ---- | M] (C. Ghisler & Co.) -- C:\totalcmd\TOTALCMD.EXE
PRC - [2007.02.20 11:07:40 | 000,199,752 | ---- | M] (Pinnacle Systems GmbH) -- C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
========== Modules (No Company Name) ==========
MOD - [2014.07.31 11:04:21 | 003,800,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2009.09.08 15:18:26 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll
========== Services (SafeList) ==========
SRV - [2014.08.25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014.08.25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014.07.31 11:04:22 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.07.11 16:00:31 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.10.23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.12.20 11:11:46 | 000,196,904 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe -- (NitroReaderDriverReadSpool2)
SRV - [2011.12.12 14:07:00 | 000,793,048 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010.04.21 19:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010.04.21 19:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009.10.16 10:44:18 | 000,053,560 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe -- (NeroRegInCDSrv)
SRV - [2009.10.16 10:44:10 | 001,420,592 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Tools\InCD\InCDSrv.exe -- (InCDSrv)
SRV - [2009.04.11 08:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2008.10.06 10:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008.09.30 12:48:28 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008.02.03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [File_System | On_Demand | Running] -- C:\Windows\system32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2014.08.06 10:49:48 | 000,098,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2014.07.21 21:03:22 | 000,200,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2014.06.30 12:43:12 | 000,121,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2014.06.17 16:22:02 | 000,188,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2014.06.17 16:21:22 | 000,197,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2014.06.17 16:18:00 | 000,241,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2014.06.17 16:17:58 | 000,147,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2014.06.17 16:06:22 | 000,027,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2014.06.17 16:06:20 | 000,021,272 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011.03.25 14:35:19 | 000,094,336 | ---- | M] (ITE ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IT9135BDA.sys -- (IT9135BDA)
DRV - [2010.01.27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2009.10.16 10:43:04 | 000,130,200 | ---- | M] (Nero AG) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\InCDFs.sys -- (InCDFs)
DRV - [2009.10.16 10:42:58 | 000,019,096 | ---- | M] (Nero AG) [File_System | System | Running] -- C:\Windows\System32\drivers\InCDRec.sys -- (InCDRec)
DRV - [2009.10.16 10:42:50 | 000,048,280 | ---- | M] (Nero AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2009.09.05 16:55:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.07.23 22:01:00 | 009,791,072 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.05.09 21:17:32 | 000,043,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.04.25 00:51:46 | 000,014,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008.01.29 15:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008.01.21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007.10.18 01:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.06.18 18:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2005.09.23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{89F0EFA3-627F-4666-B6B5-BA622E51008A}: "URL" = http://slirsredirect.search.aol.com/sli ... bie7-cs-cz
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes\{B5088F42-2168-4891-AAEC-D56D305F9798}: "URL" = http://www.bing.com/search?FORM=DCF4DF& ... -SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-18\..\SearchScopes\{B5088F42-2168-4891-AAEC-D56D305F9798}: "URL" = http://www.bing.com/search?FORM=DCF4DF& ... -SearchBox
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Moris Jan\Desktop
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultScope = {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A}
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com/
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes,DefaultScope = AE929DE2FC344FE08074098FBC9B928E
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\{04610950-1FB7-4B21-9EA4-4E53D2912793}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_12454
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\{252E6241-9506-4A49-B439-DAC7FC915E1B}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2737658
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\{2BDB178A-DE3D-44EE-85C1-566ADEF0D457}: "URL" = http://www2.inbox.com/search/dispatcher ... 923&lng=cs
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\{3EC4DBFF-46C7-4964-AB26-60E942F7387C}: "URL" = http://encyklopedie.seznam.cz/search?s= ... rer:source?}
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\{89F0EFA3-627F-4666-B6B5-BA622E51008A}: "URL" = http://slirsredirect.search.aol.com/sli ... bie7-cs-cz
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\AE929DE2FC344FE08074098FBC9B928E: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_12454
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Moris Jan\Desktop
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultScope = {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A}
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com/
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope = AE929DE2FC344FE08074098FBC9B928E
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{04610950-1FB7-4B21-9EA4-4E53D2912793}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_12454
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{252E6241-9506-4A49-B439-DAC7FC915E1B}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2737658
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{2BDB178A-DE3D-44EE-85C1-566ADEF0D457}: "URL" = http://www2.inbox.com/search/dispatcher ... 923&lng=cs
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{3EC4DBFF-46C7-4964-AB26-60E942F7387C}: "URL" = http://encyklopedie.seznam.cz/search?s= ... rer:source?}
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{89F0EFA3-627F-4666-B6B5-BA622E51008A}: "URL" = http://slirsredirect.search.aol.com/sli ... bie7-cs-cz
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\AE929DE2FC344FE08074098FBC9B928E: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_12454
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Amazon "
FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: lmnPopVideo%40lshai.com:0.6.8
FF - prefs.js..extensions.enabledAddons: 1clickImageDownloadOverlay%40final.ca:1.3
FF - prefs.js..extensions.enabledAddons: %7B46551EC9-40F0-4e47-8E18-8E5CF550CFB8%7D:1.4.3
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:6.1.2
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.24
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014.08.23 13:18:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014.07.31 11:04:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014.08.23 13:18:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014.07.31 11:04:01 | 000,000,000 | ---D | M]
[2013.10.11 18:48:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\Extensions
[2014.09.08 07:29:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\Firefox\Profiles\cvcp5k1n.default\extensions
[2014.09.06 09:27:10 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014.08.01 10:05:36 | 000,000,000 | ---D | M] ("Flash Video Downloader - YouTube Full HD Download") -- C:\Users\Moris Jan\AppData\Roaming\mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com
[2011.12.27 16:41:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\Firefox\Profiles\ebkpavo6.default\extensions
[2011.12.27 16:41:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\Firefox\Profiles\g2yn5piz.default\extensions
[2014.08.23 13:18:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\Firefox\Profiles\uu7klb0j.default\extensions
[2010.06.22 15:40:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\Firefox\Profiles\uu7klb0j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2014.01.10 19:33:14 | 000,006,324 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\1clickImageDownloadOverlay@final.ca.xpi
[2014.09.05 00:03:57 | 000,201,091 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi
[2014.05.15 16:43:34 | 000,395,854 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\ffext_basicvideoext@startpage24.xpi
[2014.02.19 19:13:52 | 000,020,112 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\jid0-HbNL9qqBkuuKRhJ9ncTonCky1HU@jetpack.xpi
[2014.09.08 07:29:14 | 000,026,047 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\jid1-9tZMAIdeuiEjHg@jetpack.xpi
[2013.10.18 18:22:45 | 000,039,858 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\lmnPopVideo@lshai.com.xpi
[2014.05.02 10:44:14 | 000,293,729 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
[2014.08.23 13:39:29 | 000,135,503 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi
[2014.09.08 07:29:16 | 000,020,016 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
[2014.05.02 06:58:55 | 000,731,942 | ---- | M] () (No name found) -- C:\Users\Moris Jan\AppData\Roaming\mozilla\firefox\profiles\cvcp5k1n.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2014.08.23 13:18:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014.07.31 11:03:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.07.31 11:04:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - homepage: http://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Dokumenty Google = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhledávánà Google = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: TheTorntv V10 = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\giccehglhacakcfemddmfhdkahamfcmd\16098.1852.9732_0\
CHR - Extension: Pen\u011b\u017eenka Google = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Gmail = C:\Users\Moris Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Lišta Centrum.cz - pomocný objekt) - {C91BA35D-6516-489F-A203-2992ED9A4132} - C:\Program Files\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll ()
O3 - HKLM\..\Toolbar: (Lišta Centrum.cz) - {5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - C:\Program Files\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O3 - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O3 - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Tools\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [NBHGui] C:\Program Files\Nero\Tools\InCD\NBHGui.exe (Nero AG)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files\Seznam.cz\distribution\szninstall.exe ()
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O9 - Extra Button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.200.48.55 81.200.48.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4EF9B73C-55A3-4B98-B1CD-E32AF3A1632C}: DhcpNameServer = 81.200.48.48 81.200.48.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7FF104A8-E3F9-4083-995F-860022E3F39E}: DhcpNameServer = 81.200.48.55 81.200.48.11
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Amazon\AMAZON~1\\AMAZON~1.DLL) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Moris Jan\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Moris Jan\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a5b33ade-02d3-11e0-bfee-001f1668b880}\Shell - "" = Autorun
O33 - MountPoints2\{a5b33ade-02d3-11e0-bfee-001f1668b880}\Shell\AutoRun\command - "" = F:\Install_Nokia_Ovi_Suite.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\Windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\Windows\System32\ffdshow.ax ()
Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014.09.08 17:59:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Moris Jan\Desktop\OTL.exe
[2014.09.02 11:15:44 | 002,054,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014.08.28 13:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014.08.28 13:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.08.23 13:17:11 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2014.08.23 13:14:19 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.08.22 13:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.08.22 13:01:56 | 000,000,000 | ---D | C] -- C:\rsit
[2014.08.20 09:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014.08.19 08:35:24 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2014.08.19 08:35:23 | 000,619,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2014.08.19 08:35:23 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2014.08.19 08:35:08 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2014.08.16 08:46:41 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2014.08.16 08:46:41 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2014.08.16 08:46:41 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2014.08.16 08:46:26 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2014.08.16 08:46:16 | 001,810,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014.08.16 08:46:16 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014.08.16 08:46:16 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014.08.16 08:46:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014.08.16 08:46:09 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014.08.16 08:46:09 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014.08.16 08:46:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014.08.16 08:46:08 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014.08.16 08:46:08 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014.08.16 08:46:08 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014.08.16 08:46:08 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014.08.16 08:46:07 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014.08.16 08:45:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.03.14 10:59:23 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Moris Jan\AppData\Roaming\pcouffin.sys
[7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014.09.08 18:06:08 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.09.08 17:59:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Moris Jan\Desktop\OTL.exe
[2014.09.08 17:54:28 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.09.08 17:54:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014.09.08 17:54:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014.09.08 17:54:04 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.09.08 17:54:03 | 000,119,855 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2014.09.08 17:53:57 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf94fa94710a2e.job
[2014.09.08 17:53:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.09.08 07:07:57 | 000,000,250 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2014.09.08 07:05:46 | 000,119,855 | ---- | M] () -- C:\ProgramData\nvModes.001
[2014.09.08 07:05:35 | 1877,274,624 | -HS- | M] () -- C:\hiberfil.sys
[2014.09.06 00:13:58 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\NeroLiveEpgUpdate-MorisJan-PC_Moris-Jan.job
[2014.09.05 10:46:07 | 000,000,814 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014.09.02 11:56:01 | 000,439,624 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014.08.23 13:12:35 | 001,364,531 | ---- | M] () -- C:\Users\Moris Jan\Desktop\adwcleaner_3.308.exe
[2014.08.23 01:26:28 | 002,054,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014.08.19 09:40:42 | 000,687,182 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.08.19 09:40:42 | 000,673,968 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.08.19 09:40:42 | 000,154,186 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.08.19 09:40:42 | 000,132,854 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.09.08 18:06:08 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.08.23 13:12:34 | 001,364,531 | ---- | C] () -- C:\Users\Moris Jan\Desktop\adwcleaner_3.308.exe
[2013.09.08 13:54:55 | 000,000,097 | ---- | C] () -- C:\Users\Moris Jan\AppData\Local\fusioncache.dat
[2013.07.15 19:41:46 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Contents
[2013.07.15 19:41:46 | 000,000,268 | RH-- | C] () -- C:\Users\Moris Jan\AppData\Roaming\Compressor
[2013.07.15 19:41:46 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2013.07.15 19:41:46 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Digital Light
[2013.07.15 19:40:09 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Contextual Menu Items
[2013.07.15 19:40:09 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Console
[2013.07.15 19:40:09 | 000,000,268 | RH-- | C] () -- C:\Users\Moris Jan\AppData\Roaming\Conditionals
[2013.07.15 19:40:09 | 000,000,268 | RH-- | C] () -- C:\Users\Moris Jan\AppData\Roaming\Components
[2013.07.15 19:40:09 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2013.07.15 19:40:09 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2013.07.15 19:40:09 | 000,000,012 | RH-- | C] () -- C:\ProgramData\DirectoryService
[2013.07.15 19:37:57 | 000,000,268 | RH-- | C] () -- C:\Users\Moris Jan\AppData\Roaming\Desktop Pictures
[2013.07.15 19:37:57 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLeo.DAT
[2013.07.15 19:37:57 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Filters
[2013.07.15 19:37:57 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Dictionaries
[2012.10.23 16:49:51 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2010.03.14 11:02:03 | 000,001,041 | ---- | C] () -- C:\Users\Moris Jan\AppData\Roaming\vso_ts_preview.xml
[2010.03.14 10:59:23 | 000,087,608 | ---- | C] () -- C:\Users\Moris Jan\AppData\Roaming\inst.exe
[2010.03.14 10:59:23 | 000,007,887 | ---- | C] () -- C:\Users\Moris Jan\AppData\Roaming\pcouffin.cat
[2010.03.14 10:59:23 | 000,001,144 | ---- | C] () -- C:\Users\Moris Jan\AppData\Roaming\pcouffin.inf
[2009.10.04 20:43:50 | 000,000,418 | ---- | C] () -- C:\Users\Moris Jan\AppData\Roaming\wklnhst.dat
[2009.09.19 18:23:09 | 000,024,206 | ---- | C] () -- C:\Users\Moris Jan\AppData\Roaming\UserTile.png
[2009.08.03 20:49:16 | 000,000,080 | ---- | C] () -- C:\Users\Moris Jan\AppData\Roaming\downloads.m3u
[2009.07.26 23:56:11 | 000,000,029 | ---- | C] () -- C:\Users\Moris Jan\AppData\Roaming\default.rss
[2009.07.22 18:33:38 | 000,119,855 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.07.22 17:44:03 | 000,119,855 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.07.22 17:40:13 | 000,007,808 | ---- | C] () -- C:\Users\Moris Jan\AppData\Local\d3d9caps.dat
[2009.07.07 16:42:08 | 000,196,096 | ---- | C] () -- C:\Users\Moris Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.04 01:52:16 | 000,000,250 | ---- | C] () -- C:\ProgramData\hpqp.ini
========== ZeroAccess Check ==========
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 15:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.02.14 20:30:26 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.02.14 20:30:26 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2014.03.14 22:14:54 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Allmyapps
[2012.01.06 20:58:43 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Applian FLV and Media Player
[2013.03.18 15:59:05 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Ashampoo
[2014.06.11 17:14:27 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Audacity
[2013.12.11 20:16:48 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\AVG
[2013.09.25 19:04:34 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\AVG2014
[2010.07.18 10:14:59 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\AviDvdBurner
[2013.03.18 15:49:11 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Broad Intelligence
[2010.08.06 15:31:03 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\CBS Interactive
[2011.12.31 17:56:00 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\com.w3i.FlipToast
[2010.08.13 22:20:14 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\CoolFlvMan
[2010.08.13 22:19:15 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\CoolYouTubeDownloader
[2013.03.19 19:19:44 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Delfyn Software
[2013.02.27 20:45:53 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Downloaded Installations
[2012.11.24 18:49:38 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Dream Aquarium
[2012.05.20 18:01:26 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Free Audio Editor
[2012.05.12 20:18:24 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Get from YouTube
[2013.12.04 01:28:46 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\GHISLER
[2012.05.12 20:21:36 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Import Audio from Video
[2013.03.16 19:36:53 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\ImTOO
[2013.11.16 13:35:00 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\ipla
[2009.07.16 16:00:58 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\IrfanView
[2010.03.02 17:49:10 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Leawo
[2013.09.07 19:14:58 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Nico Mak Computing
[2013.07.15 19:49:38 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Nikon
[2014.01.04 14:13:49 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Nitro PDF
[2011.04.08 17:10:40 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\OpenOffice.org
[2010.05.16 20:21:04 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\PeerNetworking
[2014.04.12 08:13:02 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\PhotoScape
[2013.04.13 13:17:55 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Seznam.cz
[2009.10.04 21:13:30 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Template
[2013.07.22 19:48:49 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\TuneUp Software
[2009.11.08 20:30:21 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\uTorrent
[2011.02.09 17:29:16 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\VeskrnaMartin
[2014.07.29 14:41:01 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Vso
[2012.08.10 15:17:41 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\XnView
[2013.03.01 19:57:19 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\YouTube Downloader
[2014.04.12 06:33:18 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Zoner
[2013.02.14 20:30:26 | 000,000,000 | ---D | M] -- C:\Users\TEMP\AppData\Roaming\TuneUp Software
[2013.02.14 20:30:26 | 000,000,000 | ---D | M] -- C:\Users\TEMP.MorisJan-PC\AppData\Roaming\TuneUp Software
========== Purity Check ==========
========== Custom Scans ==========
< >
[2006.11.02 15:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 15:01:49 | 000,032,560 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.08.08 17:39:07 | 000,000,378 | ---- | C] () -- C:\Windows\Tasks\NeroLiveEpgUpdate-MorisJan-PC_Moris-Jan.job
[2012.04.07 06:24:01 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.04.12 07:50:37 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.07.01 09:03:37 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf94fa94710a2e.job
< >
< MD5 for: AGP440.SYS >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.11.22 13:21:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7f3e4ed9\atapi.sys
[2008.11.22 13:21:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_dd6376773aedb5e4\atapi.sys
[2008.11.22 13:21:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b7393fc6\atapi.sys
[2008.11.22 13:21:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_dbb74a7b3d9afbc1\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 04:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2013.10.03 15:16:48 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=165E9D93A84A7F55EBEEB1B554110680 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23235_none_78542a95b127239a\cryptsvc.dll
[2013.04.24 06:00:30 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=3EDE4C1F9672C972479201544969ADCB -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18831_none_77c6b0b4980cf0e4\cryptsvc.dll
[2013.04.17 14:30:06 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=58CEF2D243575512657452B9E89A2E1F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18827_none_77d7825c97ff6cfd\cryptsvc.dll
[2013.07.08 06:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=684C130BBC6DB681BAD4920A4C944AA5 -- C:\Windows\System32\cryptsvc.dll
[2013.07.08 06:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=684C130BBC6DB681BAD4920A4C944AA5 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18881_none_7790a11898357c99\cryptsvc.dll
[2008.01.21 04:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2012.04.23 18:00:53 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=75C6A297E364014840B48ECCD7525E30 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[2013.07.08 04:50:53 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=828805E2E7F529B24849AD52740288DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23154_none_783d888db13844fe\cryptsvc.dll
[2012.04.23 16:48:06 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=C979AEA8C4D8F875CD25507D08980006 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[2013.04.17 13:28:51 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=CC8E2C87016A07892B5448D764BF8A30 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23097_none_781547d5b15603a0\cryptsvc.dll
[2012.06.02 13:09:26 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=DD9CCF40ED80DD0D62F1B607A1EA4449 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll
[2012.06.02 02:02:32 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=F1E8C34892336D33EDDCDFE44E474F64 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[2013.04.24 05:46:45 | 000,135,168 | ---- | M] (Microsoft Corporation) MD5=FBE051C07C3D2B9011ECB1C7A73120C1 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23101_none_7870974bb1126d44\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2007.05.17 22:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: HAL.DLL >
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll
< MD5 for: IASTORV.SYS >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2012.06.02 00:37:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=613DEB66A91820F0A41915B40BB8833F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\System32\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe
[2011.11.16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2011.11.16 15:57:04 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=EBFAEB786C46B407930811F94F08877D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe
[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
< MD5 for: NDIS.SYS >
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008.01.21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVRAID.SYS >
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: SMSS.EXE >
[2013.07.08 03:18:50 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=18CE0D0DCB7AF0D3E67ECF12BDE1382D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23154_none_ae7897262f9a96cf\smss.exe
[2013.03.09 03:16:53 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=44A40B18D9F6315D35F4539A41ECDE0D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23076_none_ae64f5fc2fa90438\smss.exe
[2008.01.21 04:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2013.05.02 03:27:42 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=AF2F8F104F119DD10AFA8B54A006F1B6 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23103_none_aeada6782f72f1c3\smss.exe
[2013.03.09 03:28:08 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=BE7480C91E89EB82FC080F772C220AE4 -- C:\Windows\System32\smss.exe
[2013.03.09 03:28:08 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=BE7480C91E89EB82FC080F772C220AE4 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18805_none_ae2630391653543e\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.01.21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.11.22 13:19:06 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2013.05.08 05:40:36 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=078218D74C4EFC2CE7E4C6DF22A94F2F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23106_none_b59411ab7ca4df04\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011.09.20 23:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2012.03.30 14:39:11 | 000,905,600 | ---- | M] (Microsoft Corporation) MD5=27D470DABC77BC60D0A3B0E4DEB6CB91 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2013.01.04 13:28:19 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=3535CD93F944C00F098E73E12EE7FEB6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23013_none_b5863efb7cafb1c9\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2013.05.08 06:37:21 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=548E198BAE21EFC21F8B5F0C1728AD27 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18835_none_b4e92aca63a0494d\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2013.07.05 05:20:37 | 000,914,880 | ---- | M] (Microsoft Corporation) MD5=6D0D344F643E28B31262AC2682109A3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23152_none_b55a00e77cd1055d\tcpip.sys
[2013.01.04 13:28:18 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=74E2D020C47BB2B2FCCBA29A518A7EB4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18764_none_b4c7b8d663b986a2\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011.09.20 23:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2008.11.22 13:19:06 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2014.04.05 05:23:10 | 000,915,392 | ---- | M] (Microsoft Corporation) MD5=A4196D394207369E1431E8681B373312 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23370_none_b54264477ce304df\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2014.04.05 04:42:27 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=C7B0746FCD576D7EEBA6A2530B0B2966 -- C:\Windows\System32\drivers\tcpip.sys
[2014.04.05 04:42:27 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=C7B0746FCD576D7EEBA6A2530B0B2966 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.19080_none_b4adf3c463cd86b8\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2013.07.05 06:53:33 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=D18D53974FD715D50FC76F9FFE1C830D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18880_none_b4ae19bc63cd564f\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2012.03.30 14:39:11 | 000,914,304 | ---- | M] (Microsoft Corporation) MD5=EE7E10BED85C312C1D5D30C435BDDA9F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
[2008.01.21 04:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.01.21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008.01.21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[214 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[52 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp -> ]
[7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[20 C:\Windows\System32\config\systemprofile\AppData\Local\Avg2014\temp\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Avg2014\temp\*.tmp -> ]
[2 C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp -> ]
[6 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.08.10 15:30:26 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Adobe
[2012.05.03 16:46:22 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Ahead
[2014.03.14 22:14:54 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Allmyapps
[2012.01.06 20:58:43 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Applian FLV and Media Player
[2013.07.15 17:59:16 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\ArcSoft
[2013.03.18 15:59:05 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Ashampoo
[2014.06.11 17:14:27 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Audacity
[2013.12.11 20:16:48 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\AVG
[2013.09.25 19:04:34 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\AVG2014
[2010.07.18 10:14:59 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\AviDvdBurner
[2013.03.18 15:49:11 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Broad Intelligence
[2010.08.06 15:31:03 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\CBS Interactive
[2011.12.31 17:56:00 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\com.w3i.FlipToast
[2010.08.13 22:20:14 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\CoolFlvMan
[2010.08.13 22:19:15 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\CoolYouTubeDownloader
[2009.11.28 13:23:50 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\CyberLink
[2013.03.19 19:19:44 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Delfyn Software
[2013.02.27 20:45:53 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Downloaded Installations
[2012.11.24 18:49:38 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Dream Aquarium
[2013.03.27 18:43:31 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\dvdcss
[2012.05.20 18:01:26 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Free Audio Editor
[2012.05.12 20:18:24 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Get from YouTube
[2013.12.04 01:28:46 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\GHISLER
[2011.02.05 12:30:28 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Google
[2011.01.06 16:33:55 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\GRETECH
[2010.04.30 19:16:44 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Hewlett-Packard
[2013.12.12 20:54:42 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\HpUpdate
[2009.07.07 15:35:07 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Identities
[2012.05.12 20:21:36 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Import Audio from Video
[2013.03.16 19:36:53 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\ImTOO
[2013.07.05 20:00:13 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\InstallShield
[2013.11.16 13:35:00 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\ipla
[2009.07.16 16:00:58 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\IrfanView
[2010.03.02 17:49:10 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Leawo
[2009.07.10 17:28:05 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Macromedia
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Media Center Programs
[2011.02.07 17:50:34 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Media Player Classic
[2013.11.17 10:14:58 | 000,000,000 | --SD | M] -- C:\Users\Moris Jan\AppData\Roaming\Microsoft
[2013.10.11 18:48:11 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Mozilla
[2011.02.21 17:47:53 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Nero
[2010.02.07 00:27:11 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\NeroDigital(TM)
[2013.09.07 19:14:58 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Nico Mak Computing
[2013.07.15 19:49:38 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Nikon
[2014.01.04 14:13:49 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Nitro PDF
[2011.04.08 17:10:40 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\OpenOffice.org
[2010.05.16 20:21:04 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\PeerNetworking
[2014.04.12 08:13:02 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\PhotoScape
[2012.05.27 16:57:55 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Real
[2013.04.13 13:17:55 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Seznam.cz
[2014.09.05 14:57:34 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Skype
[2011.07.03 12:40:28 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\skypePM
[2009.10.04 21:13:30 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Template
[2013.07.22 19:48:49 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\TuneUp Software
[2009.11.08 20:30:21 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\uTorrent
[2011.02.09 17:29:16 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\VeskrnaMartin
[2014.07.30 08:36:55 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\vlc
[2014.07.29 14:41:01 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Vso
[2009.09.18 14:47:08 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\WinRAR
[2012.08.10 15:17:41 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\XnView
[2013.03.01 19:57:19 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\YouTube Downloader
[2014.04.12 06:33:18 | 000,000,000 | ---D | M] -- C:\Users\Moris Jan\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2013.03.11 20:50:36 | 000,087,608 | ---- | M] () -- C:\Users\Moris Jan\AppData\Roaming\inst.exe
[2010.07.18 10:15:32 | 007,362,990 | ---- | M] (AviDvdBurner.com Inc. ) -- C:\Users\Moris Jan\AppData\Roaming\AviDvdBurner\AviDvdBurner_inst.exe
[2007.03.22 12:46:42 | 000,126,976 | ---- | M] () -- C:\Users\Moris Jan\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2011.12.31 17:50:52 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Moris Jan\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012.02.04 17:41:50 | 003,800,224 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Moris Jan\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2010.08.21 14:10:56 | 000,029,926 | R--- | M] () -- C:\Users\Moris Jan\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
[2013.07.15 19:42:56 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Moris Jan\AppData\Roaming\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
[2014.07.31 20:57:53 | 000,428,889 | ---- | M] () -- C:\Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com\modules\ffmpeg\ffmpeg.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[7 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
[7 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.09.08 17:54:10 | 000,003,216 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014.09.08 17:54:10 | 000,003,216 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[7 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.21 04:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2014.07.24 19:55:56 | 021,653,096 | R--- | M] (Skype Technologies S.A.)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.09.08 18:06:08 | 000,000,512 | ---- | M] () MD5=A7F8A60C493C895DCE5F086DAE2DDF26 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
Re: Pomaly notebook vyskakuji okna
[2010.08.13 22:19:12 | 000,000,052 | ---- | M] () -- \Program Files\Cool YouTube Downloader\Cool YouTube Downloader Advanced Version.url
[2008.09.15 16:14:34 | 002,184,488 | ---- | M] () -- \Program Files\CyberLink\Shared files\Plugin\5.0\CES_3DLoaderFBX.dll
[2011.12.31 17:50:55 | 000,001,470 | ---- | M] () -- \Program Files\fliptoast\lib\core\FileLoader.js
[2011.12.31 17:50:55 | 000,004,091 | ---- | M] () -- \Program Files\fliptoast\lib\core\IconLoader.js
[2011.12.31 17:50:56 | 000,006,820 | ---- | M] () -- \Program Files\fliptoast\themes\normal\Images\loader.gif
[2010.12.23 15:47:46 | 000,004,176 | ---- | M] () -- \Program Files\Google\Google SketchUp 8\Resources\en-US\searching\ajax-loader.gif
[2010.12.23 15:47:48 | 000,000,500 | ---- | M] () -- \Program Files\Google\Google SketchUp 8\Tools\DynamicComponents\ruby\dcloader.rb
[2010.12.23 15:47:48 | 000,001,871 | ---- | M] () -- \Program Files\Google\Google SketchUp 8\Tools\ShadowStringsFix\shadowstringsfix_loader.rb
[2010.12.23 15:47:48 | 000,003,949 | ---- | M] () -- \Program Files\Google\Google SketchUp 8\Tools\SolarNorth\solarnorth_loader.rb
[2010.12.23 15:47:48 | 000,029,565 | ---- | M] () -- \Program Files\Google\Google SketchUp 8\Tools\WebTextures\webtextures_loader.rb
[2009.10.06 06:08:30 | 000,145,082 | ---- | M] () -- \Program Files\HP\HP Deskjet 1050 J410 series\Bin\HelpViewer\Resources\Loader.gif
[2009.09.08 15:19:10 | 000,010,916 | ---- | M] () -- \Program Files\HP\QuickPlay\mm\MediaCtrl\ImageLoader.kc
[2009.09.08 15:19:22 | 000,003,433 | ---- | M] () -- \Program Files\HP\QuickPlay\widget\langloader.kc
[2009.09.08 15:19:22 | 000,012,442 | ---- | M] () -- \Program Files\HP\QuickPlay\widget\layoutloader.kc
[2011.01.17 16:21:04 | 000,006,263 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2011.09.29 18:57:41 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2011.01.17 17:00:08 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2011.09.29 18:57:57 | 000,029,184 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.11.19 12:24:20 | 000,003,689 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2013.01.21 16:03:44 | 000,030,608 | ---- | M] () -- \Program Files\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2008.09.19 13:55:44 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2008.09.15 16:14:34 | 002,184,488 | ---- | M] () -- \SWSetup\CyberDVD\Stage1\PDIR\ShareFiles\Share\Plugin\5.0\CES_3DLoaderFBX.dll
[2008.09.19 13:55:44 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2009.10.25 12:11:19 | 000,009,436 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Google\Google Desktop\7d6f1e03e67e\downloaded_gadgets\youtube_mp4_downloader.gg
[2009.08.14 16:09:11 | 000,003,185 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Google\Google Desktop\7d6f1e03e67e\icons\megavideodownloader_sm.gif
[2009.10.25 12:14:38 | 000,002,960 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Google\Google Desktop\7d6f1e03e67e\icons\utubedownloader_sm.gif
[2011.07.02 17:09:25 | 000,001,843 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Google\Google Desktop\7d6f1e03e67e\icons\youtubemp4downloader_sm.gif
[2014.07.20 12:42:31 | 000,001,980 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\33RZIE6P\AdLoader[1].htm
[2014.08.06 11:21:06 | 000,018,544 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C8BFFH9N\AdLoader-0ee9685baf8ff395a7119d551063e2d4.min[1].js
[2014.08.05 18:35:23 | 000,001,980 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C8BFFH9N\AdLoader[1].htm
[142 \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C8BFFH9N\*.tmp files -> \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C8BFFH9N\*.tmp -> ]
[2014.08.05 18:35:24 | 000,017,912 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7ROPBN6\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[92 \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7ROPBN6\*.tmp files -> \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7ROPBN6\*.tmp -> ]
[2014.08.06 11:21:06 | 000,001,980 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHV3IMUI\AdLoader[1].htm
[139 \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHV3IMUI\*.tmp files -> \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHV3IMUI\*.tmp -> ]
[2014.06.25 09:05:38 | 000,009,660 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3A9ME3X0\ajax_loader[1].gif
[2014.07.05 10:36:03 | 000,003,825 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3A9ME3X0\block-loader-8[1].gif
[2014.06.25 09:23:52 | 000,000,673 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3A9ME3X0\loader.white[1].gif
[2014.06.25 09:20:33 | 000,019,129 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3A9ME3X0\loader[1].js
[2014.09.04 09:57:21 | 000,005,727 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4HXCKOML\loader[1].js
[2014.08.22 09:33:44 | 000,093,331 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E1OOEC61\sf_preloader[1].js
[2014.08.27 19:55:35 | 000,019,124 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GAM75RL1\loader[1].js
[2014.08.28 08:32:18 | 000,005,727 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GAR4RZ2F\loader[1].js
[2014.08.02 09:45:13 | 000,001,849 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\L5BLSZ85\loader-white-bg[1].gif
[2014.08.02 09:50:27 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\L5BLSZ85\loader[1].js
[2014.08.03 20:33:15 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MA494UNP\loader[1].js
[2014.08.04 13:07:23 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MHQDE978\loader[1].js
[2014.08.04 14:49:57 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MHQDE978\loader[2].js
[2014.08.04 14:34:21 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N7OFAXP1\loader[1].js
[2014.08.04 14:37:58 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N7OFAXP1\loader[2].js
[2014.08.19 13:34:15 | 000,092,812 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NY0FZLGU\sf_preloader[1].js
[2014.08.02 09:45:13 | 000,002,110 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PM3KDHB3\loader[1].gif
[2014.06.25 09:23:52 | 000,000,723 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q8XKFC7F\ajax-loader[1].gif
[2014.08.27 13:13:27 | 000,012,030 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RHO766BO\loader_nav15972_3[1].js
[2014.08.04 14:32:55 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RPE0L2NP\loader[2].js
[2014.06.25 09:23:51 | 000,016,164 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RYLGHKTK\loader[1].png
[2014.08.04 14:49:14 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TAHFNBMV\loader[1].js
[2014.08.04 15:22:10 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TAHFNBMV\loader[3].js
[2014.07.07 13:40:10 | 000,007,316 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\V65ZBQB6\loader[1].js
[2014.06.25 09:21:47 | 000,019,129 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VKZNVLKW\loader[1].js
[2014.07.05 10:36:02 | 000,000,184 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WP2IVMKS\block-loader-8[1].htm
[2014.06.25 09:39:56 | 000,004,006 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y2KWWG5D\uploaderapi2[1].swf
[2014.08.04 13:06:16 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y2XYZ4FQ\loader[1].js
[2014.08.05 11:45:03 | 000,019,124 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y2XYZ4FQ\loader[2].js
[2014.07.01 11:46:16 | 000,072,638 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.07.01 11:46:16 | 000,003,032 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Skype\Apps\login\images\loader.png
[2014.07.01 11:46:16 | 000,006,012 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.07.01 11:46:16 | 000,021,956 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.07.01 11:46:16 | 000,009,772 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014.06.24 09:10:49 | 000,009,427 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\GGNRF4ED\ajax-loader[1].gif
[2014.08.13 08:54:33 | 000,005,727 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\GGNRF4ED\loader[1].js
[2011.12.31 17:50:56 | 000,006,820 | ---- | M] () -- \Users\Moris Jan\AppData\Roaming\com.w3i.FlipToast\Local Store\currenttheme\Images\loader.gif
[2014.07.31 20:57:43 | 000,001,398 | ---- | M] () -- \Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com\chrome\content\dialogs\offer_downloader.css
[2014.07.31 20:57:44 | 000,002,301 | ---- | M] () -- \Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com\chrome\content\dialogs\offer_downloader.js
[2014.07.31 20:57:44 | 000,001,276 | ---- | M] () -- \Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com\chrome\content\dialogs\offer_downloader.xul
[2014.07.31 20:57:46 | 000,000,226 | ---- | M] () -- \Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com\chrome\locale\ar\fvd.offer_downloader.dtd
[2014.07.31 20:57:46 | 000,000,226 | ---- | M] () -- \Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com\chrome\locale\en-US\fvd.offer_downloader.dtd
[2014.07.31 20:57:47 | 000,000,226 | ---- | M] () -- \Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com\chrome\locale\hy-AM\fvd.offer_downloader.dtd
[2014.07.31 20:57:47 | 000,000,226 | ---- | M] () -- \Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com\chrome\locale\lt\fvd.offer_downloader.dtd
[2014.07.31 20:57:48 | 000,000,226 | ---- | M] () -- \Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com\chrome\locale\ru\fvd.offer_downloader.dtd
[2010.03.04 09:12:03 | 000,019,080 | ---- | M] () -- \Users\Moris Jan\Downloads\Nikon\VDownloader-Download-51327.html
[2008.01.21 04:23:37 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[7 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2008.08.06 16:30:04 | 000,009,622 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2008.08.06 16:35:32 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2008.11.22 12:54:35 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.11.22 12:54:35 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2008.11.22 12:54:35 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2008.01.21 04:26:53 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673.manifest
[2008.01.21 04:26:53 | 000,026,112 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673_winload.exe.mui_3bc5b827
[2008.01.21 04:26:53 | 000,019,456 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673_winresume.exe.mui_ff8b5358
[2009.08.04 20:07:42 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2009.08.04 20:07:42 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2009.08.04 20:07:42 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2008.01.21 04:26:48 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.01.21 04:26:48 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008.11.22 13:00:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008.11.22 13:00:22 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008.11.22 13:00:21 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008.11.22 13:00:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008.11.22 13:00:20 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008.11.22 13:00:22 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008.11.22 13:00:25 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008.11.22 13:00:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008.11.22 13:00:22 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008.11.22 13:00:21 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008.11.22 13:00:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008.11.22 13:00:20 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008.11.22 13:00:21 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008.11.22 13:00:25 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.11.22 12:52:19 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.01.21 04:21:45 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673.manifest
[2008.11.22 13:00:24 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008.11.22 13:00:24 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.21 04:20:53 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008.11.22 13:00:23 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008.11.22 13:00:23 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.11 00:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 12:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.21 04:19:11 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.01.21 04:23:37 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.21 04:23:37 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2014.05.13 23:17:02 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.07.28 12:02:59 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014.06.27 00:17:18 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014.08.27 14:19:02 | 000,004,857 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E1OOEC61\jquery.serialscroll[1].js
[2008.09.04 09:06:40 | 000,079,120 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\HfxSerial.exe
[2008.09.04 09:07:02 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-CHS.dll
[2008.09.04 09:07:04 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-DEU.dll
[2008.09.04 09:07:04 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ESP.dll
[2008.09.04 09:07:06 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-FRA.dll
[2008.09.04 09:07:10 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ITA.dll
[2008.09.04 09:07:14 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-JPN.dll
[2008.09.04 09:07:14 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-KOR.dll
[2008.09.04 09:07:16 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-NLD.dll
[2013.09.08 12:24:37 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.06.24 00:18:10 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014.06.27 00:17:18 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.15 11:58:14 | 002,346,496 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\032ab8e56366d48dc3f04b6eb7bc8c9f\System.Runtime.Serialization.ni.dll
[2014.08.19 09:52:28 | 002,346,496 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3cc10b92cfad8e49166ce54839ffb833\System.Runtime.Serialization.ni.dll
[2014.08.19 09:49:24 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\4059a7ce83ad5b2ca934d8cf02c36ed0\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.15 11:57:31 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\71d3236a23facafbbb7c81924df6ba0f\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.27 10:22:32 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.27 10:22:32 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.27 10:23:06 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
[2014.02.27 10:23:06 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll.aux
[2014.02.27 10:35:28 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014.02.27 10:35:28 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2004.07.15 14:31:54 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:18:10 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.06.27 00:17:19 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.01.21 04:23:51 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[7 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2008.11.22 12:54:03 | 000,005,632 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2006.11.02 10:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2008.11.22 12:53:32 | 000,004,096 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\grserial.sys.mui
[2008.11.22 12:53:32 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2006.11.02 14:41:26 | 000,004,096 | ---- | M] () -- \Windows\System32\drivers\en-US\grserial.sys.mui
[2006.11.02 14:40:54 | 000,010,752 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2008.01.21 04:23:26 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_33048ac2\serial.sys
[2006.11.02 10:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_9d4661e2\serial.sys
[2006.11.02 09:41:49 | 001,010,560 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_91bbdacd\smserial.sys
[2008.01.21 04:23:01 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_44880ea7\serial.sys
[2006.11.02 10:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_ac874de4\serial.sys
[2006.11.02 10:51:28 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_a24cc104\grserial.sys
[2008.01.21 04:23:22 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_bec36faa\grserial.sys
[2008.11.22 12:57:41 | 000,005,632 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009.08.04 20:07:48 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2009.08.04 20:07:48 | 000,017,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61_kdcom.dll_db5e7744
[2008.11.22 12:58:26 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_sk-sk_77c6875313d8fdd7_serialui.dll.mui_7d29d2a3
[2008.11.22 12:54:34 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c_serialui.dll.mui_7d29d2a3
[2009.08.04 20:08:07 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805_serialui.dll_bea29328
[2006.11.02 14:33:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3.manifest
[2008.01.21 04:21:15 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf.manifest
[2009.04.11 00:16:00 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3.manifest
[2010.04.12 20:29:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe.manifest
[2012.10.08 18:24:13 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18707_none_d1fe1cdfb888f64c.manifest
[2014.07.02 00:20:17 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.19134_none_d20164d3b885f0af.manifest
[2010.04.12 21:40:05 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e.manifest
[2012.10.08 17:03:48 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22945_none_bb34a4b3d22c88bd.manifest
[2014.07.01 23:23:31 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.23436_none_bb33903bd22d8499.manifest
[2008.11.22 12:51:44 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d.manifest
[2006.11.02 14:39:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_en-us_bb16054302d6ef1f.manifest
[2008.08.14 07:39:56 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_cs-cz_5ff511dac72f8cd8.manifest
[2008.08.14 07:23:06 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_cs-cz_492cfaeee0d2050d.manifest
[2008.11.22 12:52:06 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9.manifest
[2008.08.14 10:36:16 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_cs-cz_5fcff690c7819979.manifest
[2008.08.14 09:03:05 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_cs-cz_490422d4e1275f6f.manifest
[2009.04.11 11:04:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18005_cs-cz_5fa99224c7d4e0ed.manifest
[2010.04.13 00:15:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418.manifest
[2010.04.12 19:44:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_en-us_bac8b1b1037ddf2a.manifest
[2012.10.08 21:37:20 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_cs-cz_5fa96398c7d51666.manifest
[2012.10.08 18:20:22 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_en-us_bac5ddaf03806178.manifest
[2014.07.02 01:14:29 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19134_cs-cz_5facab8cc7d210c9.manifest
[2014.07.02 00:10:09 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19134_en-us_bac925a3037d5bdb.manifest
[2010.04.13 00:51:48 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28.manifest
[2010.04.12 20:41:31 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_en-us_a400d96b1d1fd73a.manifest
[2012.10.08 18:22:39 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_cs-cz_48dfeb6ce178a8d7.manifest
[2012.10.08 17:00:20 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_en-us_a3fc65831d23f3e9.manifest
[2014.07.02 01:23:06 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23436_cs-cz_48ded6f4e179a4b3.manifest
[2014.07.01 23:17:43 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23436_en-us_a3fb510b1d24efc5.manifest
[2006.11.02 14:33:50 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526.manifest
[2008.01.21 04:21:15 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2.manifest
[2009.04.11 00:15:32 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206.manifest
[2010.04.12 20:29:29 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531.manifest
[2012.10.08 18:23:59 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18707_none_02415279e02ff77f.manifest
[2014.07.02 00:20:09 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.19134_none_02449a6de02cf1e2.manifest
[2010.04.12 21:39:45 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41.manifest
[2012.10.08 17:03:34 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22945_none_eb77da4df9d389f0.manifest
[2014.07.01 23:23:24 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.23436_none_eb76c5d5f9d485cc.manifest
[2006.11.02 12:18:20 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6000.16386_none_0f7ecb22afbfde41.manifest
[2008.01.21 04:20:08 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6001.18000_none_11b58d1eacaaef15.manifest
[2009.04.11 00:13:32 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2006.11.02 12:02:09 | 000,001,406 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.0.6000.16386_none_2a8610ec098ae6c4.manifest
[2006.11.02 14:33:50 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68.manifest
[2008.01.21 04:21:11 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834.manifest
[2009.04.11 00:18:56 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48.manifest
[2010.04.12 20:32:33 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73.manifest
[2012.10.08 18:26:11 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18707_none_071bfe47210691c1.manifest
[2014.07.02 00:21:17 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.19134_none_071f463b21038c24.manifest
[2010.04.12 21:42:39 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783.manifest
[2012.10.08 17:05:32 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22945_none_f052861b3aaa2432.manifest
[2014.07.01 23:24:24 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.23436_none_f05171a33aab200e.manifest
[2006.10.20 03:14:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16386_none_483e6ea12378b3a8\System.Runtime.Serialization.Formatters.Soap.dll
[2008.01.21 04:23:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18000_none_4812f05d23d05c74\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.30 06:42:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.18005_none_47ee75992421f088\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:18:10 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.19134_none_47f18f01241f2064\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:18:07 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.23436_none_3123ba693dc6b44e\System.Runtime.Serialization.Formatters.Soap.dll
[2008.11.22 12:52:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.16386_cs-cz_0167850d1d10bca1\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.11.22 12:53:54 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.18000_cs-cz_013c06c91d68656d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6002.18005_cs-cz_01178c051db9f981\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6002.19134_cs-cz_011aa56d1db7295d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6002.23436_cs-cz_ea4cd0d5375ebd47\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2006.11.02 14:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3\System.Runtime.Serialization.dll
[2008.01.21 04:25:23 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf\System.Runtime.Serialization.dll
[2009.02.18 20:38:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3\System.Runtime.Serialization.dll
[2010.04.12 14:21:15 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe\System.Runtime.Serialization.dll
[2012.10.08 13:01:09 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18707_none_d1fe1cdfb888f64c\System.Runtime.Serialization.dll
[2014.06.27 00:17:19 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.19134_none_d20164d3b885f0af\System.Runtime.Serialization.dll
[2010.04.12 14:22:49 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e\System.Runtime.Serialization.dll
[2012.10.08 12:59:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22945_none_bb34a4b3d22c88bd\System.Runtime.Serialization.dll
[2014.06.21 00:17:55 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.23436_none_bb33903bd22d8499\System.Runtime.Serialization.dll
[2008.11.22 12:53:39 | 000,081,920 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d\System.RunTime.Serialization.Resources.dll
[2008.11.22 12:53:53 | 000,086,016 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18005_cs-cz_5fa99224c7d4e0ed\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_cs-cz_5fa96398c7d51666\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19134_cs-cz_5facab8cc7d210c9\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_cs-cz_48dfeb6ce178a8d7\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23436_cs-cz_48ded6f4e179a4b3\System.RunTime.Serialization.Resources.dll
[2006.11.02 14:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526\System.Runtime.Serialization.dll
[2008.01.21 04:25:23 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2\System.Runtime.Serialization.dll
[2009.02.18 20:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206\System.Runtime.Serialization.dll
[2010.04.12 14:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531\System.Runtime.Serialization.dll
[2012.10.08 13:01:03 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18707_none_02415279e02ff77f\System.Runtime.Serialization.dll
[2014.06.27 00:17:18 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.19134_none_02449a6de02cf1e2\System.Runtime.Serialization.dll
[2010.04.12 14:22:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41\System.Runtime.Serialization.dll
[2012.10.08 12:59:29 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22945_none_eb77da4df9d389f0\System.Runtime.Serialization.dll
[2014.06.21 00:17:55 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.23436_none_eb76c5d5f9d485cc\System.Runtime.Serialization.dll
[2008.11.22 12:53:32 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_f15fa7f9f28d5343\serial.sys.mui
[2006.11.02 14:41:26 | 000,010,752 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_34b5f355d987afa1\serial.sys.mui
[2008.01.21 04:23:26 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf_31bf3856ad364e35_6.0.6001.18000_none_955c449145dbf667\serial.sys
[2008.11.22 12:53:22 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_bdf5a8f7ae6b024a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.11.22 12:53:58 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_c02c6af3ab56131e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_c217e3ffa877de6a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6002.19134_cs-cz_c1f65f0fa8912fae\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6002.23436_cs-cz_c282003ac1acfc74\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.11.22 12:53:30 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_4c341f95e6bfb3a8\serialui.dll.mui
[2008.11.22 12:57:41 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_sk-sk_77c6875313d8fdd7\serialui.dll.mui
[2008.11.22 12:54:03 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c\serialui.dll.mui
[2008.01.21 04:23:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6001.18000_none_f501a18e1eaabcb9\serialui.dll
[2008.01.21 04:23:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805\serialui.dll
[2008.11.22 12:53:38 | 000,081,920 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_5b3d50955593c887\System.RunTime.Serialization.Resources.dll
[2008.11.22 12:53:52 | 000,086,016 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_5d741291527ed95b\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_5f5f8b9d4fa0a4a7\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.19134_cs-cz_5f3e06ad4fb9f5eb\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.23436_cs-cz_5fc9a7d868d5c2b1\System.RunTime.Serialization.Resources.dll
[2008.11.22 12:52:52 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_c27f608a4f515351\serial.sys.mui
[2006.11.02 14:40:54 | 000,010,752 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_05d5abe6364bafaf\serial.sys.mui
[2008.01.21 04:23:01 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\serial.sys
[2008.11.22 12:53:32 | 000,004,096 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_b4070b50f198e261\grserial.sys.mui
[2006.11.02 14:41:26 | 000,004,096 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_f75d56acd8933ebf\grserial.sys.mui
[2008.01.21 04:23:22 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.0.6001.18000_none_72a9e15f343dcd03\grserial.sys
[2006.11.02 14:36:02 | 000,888,832 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68\System.Runtime.Serialization.dll
[2008.01.21 04:25:21 | 000,929,792 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834\System.Runtime.Serialization.dll
[2009.02.18 20:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48\System.Runtime.Serialization.dll
[2010.04.12 14:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73\System.Runtime.Serialization.dll
[2012.10.08 13:01:03 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18707_none_071bfe47210691c1\System.Runtime.Serialization.dll
[2014.06.27 00:17:18 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.19134_none_071f463b21038c24\System.Runtime.Serialization.dll
[2010.04.12 14:22:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783\System.Runtime.Serialization.dll
[2012.10.08 12:59:29 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22945_none_f052861b3aaa2432\System.Runtime.Serialization.dll
[2014.06.21 00:17:55 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.23436_none_f05171a33aab200e\System.Runtime.Serialization.dll
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:D1B5B4F1
< End of report >
[2008.09.15 16:14:34 | 002,184,488 | ---- | M] () -- \Program Files\CyberLink\Shared files\Plugin\5.0\CES_3DLoaderFBX.dll
[2011.12.31 17:50:55 | 000,001,470 | ---- | M] () -- \Program Files\fliptoast\lib\core\FileLoader.js
[2011.12.31 17:50:55 | 000,004,091 | ---- | M] () -- \Program Files\fliptoast\lib\core\IconLoader.js
[2011.12.31 17:50:56 | 000,006,820 | ---- | M] () -- \Program Files\fliptoast\themes\normal\Images\loader.gif
[2010.12.23 15:47:46 | 000,004,176 | ---- | M] () -- \Program Files\Google\Google SketchUp 8\Resources\en-US\searching\ajax-loader.gif
[2010.12.23 15:47:48 | 000,000,500 | ---- | M] () -- \Program Files\Google\Google SketchUp 8\Tools\DynamicComponents\ruby\dcloader.rb
[2010.12.23 15:47:48 | 000,001,871 | ---- | M] () -- \Program Files\Google\Google SketchUp 8\Tools\ShadowStringsFix\shadowstringsfix_loader.rb
[2010.12.23 15:47:48 | 000,003,949 | ---- | M] () -- \Program Files\Google\Google SketchUp 8\Tools\SolarNorth\solarnorth_loader.rb
[2010.12.23 15:47:48 | 000,029,565 | ---- | M] () -- \Program Files\Google\Google SketchUp 8\Tools\WebTextures\webtextures_loader.rb
[2009.10.06 06:08:30 | 000,145,082 | ---- | M] () -- \Program Files\HP\HP Deskjet 1050 J410 series\Bin\HelpViewer\Resources\Loader.gif
[2009.09.08 15:19:10 | 000,010,916 | ---- | M] () -- \Program Files\HP\QuickPlay\mm\MediaCtrl\ImageLoader.kc
[2009.09.08 15:19:22 | 000,003,433 | ---- | M] () -- \Program Files\HP\QuickPlay\widget\langloader.kc
[2009.09.08 15:19:22 | 000,012,442 | ---- | M] () -- \Program Files\HP\QuickPlay\widget\layoutloader.kc
[2011.01.17 16:21:04 | 000,006,263 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2011.09.29 18:57:41 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2011.01.17 17:00:08 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2011.09.29 18:57:57 | 000,029,184 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.11.19 12:24:20 | 000,003,689 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2013.01.21 16:03:44 | 000,030,608 | ---- | M] () -- \Program Files\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2008.09.19 13:55:44 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2008.09.15 16:14:34 | 002,184,488 | ---- | M] () -- \SWSetup\CyberDVD\Stage1\PDIR\ShareFiles\Share\Plugin\5.0\CES_3DLoaderFBX.dll
[2008.09.19 13:55:44 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2009.10.25 12:11:19 | 000,009,436 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Google\Google Desktop\7d6f1e03e67e\downloaded_gadgets\youtube_mp4_downloader.gg
[2009.08.14 16:09:11 | 000,003,185 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Google\Google Desktop\7d6f1e03e67e\icons\megavideodownloader_sm.gif
[2009.10.25 12:14:38 | 000,002,960 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Google\Google Desktop\7d6f1e03e67e\icons\utubedownloader_sm.gif
[2011.07.02 17:09:25 | 000,001,843 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Google\Google Desktop\7d6f1e03e67e\icons\youtubemp4downloader_sm.gif
[2014.07.20 12:42:31 | 000,001,980 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\33RZIE6P\AdLoader[1].htm
[2014.08.06 11:21:06 | 000,018,544 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C8BFFH9N\AdLoader-0ee9685baf8ff395a7119d551063e2d4.min[1].js
[2014.08.05 18:35:23 | 000,001,980 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C8BFFH9N\AdLoader[1].htm
[142 \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C8BFFH9N\*.tmp files -> \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C8BFFH9N\*.tmp -> ]
[2014.08.05 18:35:24 | 000,017,912 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7ROPBN6\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[92 \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7ROPBN6\*.tmp files -> \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7ROPBN6\*.tmp -> ]
[2014.08.06 11:21:06 | 000,001,980 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHV3IMUI\AdLoader[1].htm
[139 \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHV3IMUI\*.tmp files -> \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHV3IMUI\*.tmp -> ]
[2014.06.25 09:05:38 | 000,009,660 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3A9ME3X0\ajax_loader[1].gif
[2014.07.05 10:36:03 | 000,003,825 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3A9ME3X0\block-loader-8[1].gif
[2014.06.25 09:23:52 | 000,000,673 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3A9ME3X0\loader.white[1].gif
[2014.06.25 09:20:33 | 000,019,129 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3A9ME3X0\loader[1].js
[2014.09.04 09:57:21 | 000,005,727 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4HXCKOML\loader[1].js
[2014.08.22 09:33:44 | 000,093,331 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E1OOEC61\sf_preloader[1].js
[2014.08.27 19:55:35 | 000,019,124 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GAM75RL1\loader[1].js
[2014.08.28 08:32:18 | 000,005,727 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GAR4RZ2F\loader[1].js
[2014.08.02 09:45:13 | 000,001,849 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\L5BLSZ85\loader-white-bg[1].gif
[2014.08.02 09:50:27 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\L5BLSZ85\loader[1].js
[2014.08.03 20:33:15 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MA494UNP\loader[1].js
[2014.08.04 13:07:23 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MHQDE978\loader[1].js
[2014.08.04 14:49:57 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MHQDE978\loader[2].js
[2014.08.04 14:34:21 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N7OFAXP1\loader[1].js
[2014.08.04 14:37:58 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N7OFAXP1\loader[2].js
[2014.08.19 13:34:15 | 000,092,812 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NY0FZLGU\sf_preloader[1].js
[2014.08.02 09:45:13 | 000,002,110 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PM3KDHB3\loader[1].gif
[2014.06.25 09:23:52 | 000,000,723 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q8XKFC7F\ajax-loader[1].gif
[2014.08.27 13:13:27 | 000,012,030 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RHO766BO\loader_nav15972_3[1].js
[2014.08.04 14:32:55 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RPE0L2NP\loader[2].js
[2014.06.25 09:23:51 | 000,016,164 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RYLGHKTK\loader[1].png
[2014.08.04 14:49:14 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TAHFNBMV\loader[1].js
[2014.08.04 15:22:10 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TAHFNBMV\loader[3].js
[2014.07.07 13:40:10 | 000,007,316 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\V65ZBQB6\loader[1].js
[2014.06.25 09:21:47 | 000,019,129 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VKZNVLKW\loader[1].js
[2014.07.05 10:36:02 | 000,000,184 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WP2IVMKS\block-loader-8[1].htm
[2014.06.25 09:39:56 | 000,004,006 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y2KWWG5D\uploaderapi2[1].swf
[2014.08.04 13:06:16 | 000,004,132 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y2XYZ4FQ\loader[1].js
[2014.08.05 11:45:03 | 000,019,124 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Y2XYZ4FQ\loader[2].js
[2014.07.01 11:46:16 | 000,072,638 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.07.01 11:46:16 | 000,003,032 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Skype\Apps\login\images\loader.png
[2014.07.01 11:46:16 | 000,006,012 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.07.01 11:46:16 | 000,021,956 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.07.01 11:46:16 | 000,009,772 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014.06.24 09:10:49 | 000,009,427 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\GGNRF4ED\ajax-loader[1].gif
[2014.08.13 08:54:33 | 000,005,727 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\GGNRF4ED\loader[1].js
[2011.12.31 17:50:56 | 000,006,820 | ---- | M] () -- \Users\Moris Jan\AppData\Roaming\com.w3i.FlipToast\Local Store\currenttheme\Images\loader.gif
[2014.07.31 20:57:43 | 000,001,398 | ---- | M] () -- \Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com\chrome\content\dialogs\offer_downloader.css
[2014.07.31 20:57:44 | 000,002,301 | ---- | M] () -- \Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com\chrome\content\dialogs\offer_downloader.js
[2014.07.31 20:57:44 | 000,001,276 | ---- | M] () -- \Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com\chrome\content\dialogs\offer_downloader.xul
[2014.07.31 20:57:46 | 000,000,226 | ---- | M] () -- \Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com\chrome\locale\ar\fvd.offer_downloader.dtd
[2014.07.31 20:57:46 | 000,000,226 | ---- | M] () -- \Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com\chrome\locale\en-US\fvd.offer_downloader.dtd
[2014.07.31 20:57:47 | 000,000,226 | ---- | M] () -- \Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com\chrome\locale\hy-AM\fvd.offer_downloader.dtd
[2014.07.31 20:57:47 | 000,000,226 | ---- | M] () -- \Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com\chrome\locale\lt\fvd.offer_downloader.dtd
[2014.07.31 20:57:48 | 000,000,226 | ---- | M] () -- \Users\Moris Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cvcp5k1n.default\extensions\artur.dubovoy@gmail.com\chrome\locale\ru\fvd.offer_downloader.dtd
[2010.03.04 09:12:03 | 000,019,080 | ---- | M] () -- \Users\Moris Jan\Downloads\Nikon\VDownloader-Download-51327.html
[2008.01.21 04:23:37 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[7 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2008.08.06 16:30:04 | 000,009,622 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2008.08.06 16:35:32 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2008.11.22 12:54:35 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.11.22 12:54:35 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2008.11.22 12:54:35 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2008.01.21 04:26:53 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673.manifest
[2008.01.21 04:26:53 | 000,026,112 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673_winload.exe.mui_3bc5b827
[2008.01.21 04:26:53 | 000,019,456 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673_winresume.exe.mui_ff8b5358
[2009.08.04 20:07:42 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2009.08.04 20:07:42 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2009.08.04 20:07:42 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2008.01.21 04:26:48 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.01.21 04:26:48 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008.11.22 13:00:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008.11.22 13:00:22 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008.11.22 13:00:21 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008.11.22 13:00:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008.11.22 13:00:20 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008.11.22 13:00:22 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008.11.22 13:00:25 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008.11.22 13:00:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008.11.22 13:00:22 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008.11.22 13:00:21 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008.11.22 13:00:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008.11.22 13:00:20 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008.11.22 13:00:21 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008.11.22 13:00:25 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.11.22 12:52:19 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.01.21 04:21:45 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673.manifest
[2008.11.22 13:00:24 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008.11.22 13:00:24 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.21 04:20:53 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008.11.22 13:00:23 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008.11.22 13:00:23 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.11 00:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 12:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.21 04:19:11 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.01.21 04:23:37 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.21 04:23:37 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2014.05.13 23:17:02 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.07.28 12:02:59 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014.06.27 00:17:18 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014.08.27 14:19:02 | 000,004,857 | ---- | M] () -- \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E1OOEC61\jquery.serialscroll[1].js
[2008.09.04 09:06:40 | 000,079,120 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\HfxSerial.exe
[2008.09.04 09:07:02 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-CHS.dll
[2008.09.04 09:07:04 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-DEU.dll
[2008.09.04 09:07:04 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ESP.dll
[2008.09.04 09:07:06 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-FRA.dll
[2008.09.04 09:07:10 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ITA.dll
[2008.09.04 09:07:14 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-JPN.dll
[2008.09.04 09:07:14 | 000,010,512 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-KOR.dll
[2008.09.04 09:07:16 | 000,011,024 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-NLD.dll
[2013.09.08 12:24:37 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.06.24 00:18:10 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014.06.27 00:17:18 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.15 11:58:14 | 002,346,496 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\032ab8e56366d48dc3f04b6eb7bc8c9f\System.Runtime.Serialization.ni.dll
[2014.08.19 09:52:28 | 002,346,496 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3cc10b92cfad8e49166ce54839ffb833\System.Runtime.Serialization.ni.dll
[2014.08.19 09:49:24 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\4059a7ce83ad5b2ca934d8cf02c36ed0\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.15 11:57:31 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\71d3236a23facafbbb7c81924df6ba0f\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.27 10:22:32 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.27 10:22:32 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.27 10:23:06 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
[2014.02.27 10:23:06 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll.aux
[2014.02.27 10:35:28 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014.02.27 10:35:28 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2004.07.15 14:31:54 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:18:10 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.06.27 00:17:19 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.01.21 04:23:51 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[7 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2008.11.22 12:54:03 | 000,005,632 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2006.11.02 10:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2008.11.22 12:53:32 | 000,004,096 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\grserial.sys.mui
[2008.11.22 12:53:32 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2006.11.02 14:41:26 | 000,004,096 | ---- | M] () -- \Windows\System32\drivers\en-US\grserial.sys.mui
[2006.11.02 14:40:54 | 000,010,752 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2008.01.21 04:23:26 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_33048ac2\serial.sys
[2006.11.02 10:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_9d4661e2\serial.sys
[2006.11.02 09:41:49 | 001,010,560 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_91bbdacd\smserial.sys
[2008.01.21 04:23:01 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_44880ea7\serial.sys
[2006.11.02 10:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_ac874de4\serial.sys
[2006.11.02 10:51:28 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_a24cc104\grserial.sys
[2008.01.21 04:23:22 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_bec36faa\grserial.sys
[2008.11.22 12:57:41 | 000,005,632 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009.08.04 20:07:48 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2009.08.04 20:07:48 | 000,017,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61_kdcom.dll_db5e7744
[2008.11.22 12:58:26 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_sk-sk_77c6875313d8fdd7_serialui.dll.mui_7d29d2a3
[2008.11.22 12:54:34 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c_serialui.dll.mui_7d29d2a3
[2009.08.04 20:08:07 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805_serialui.dll_bea29328
[2006.11.02 14:33:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3.manifest
[2008.01.21 04:21:15 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf.manifest
[2009.04.11 00:16:00 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3.manifest
[2010.04.12 20:29:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe.manifest
[2012.10.08 18:24:13 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18707_none_d1fe1cdfb888f64c.manifest
[2014.07.02 00:20:17 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.19134_none_d20164d3b885f0af.manifest
[2010.04.12 21:40:05 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e.manifest
[2012.10.08 17:03:48 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22945_none_bb34a4b3d22c88bd.manifest
[2014.07.01 23:23:31 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.23436_none_bb33903bd22d8499.manifest
[2008.11.22 12:51:44 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d.manifest
[2006.11.02 14:39:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_en-us_bb16054302d6ef1f.manifest
[2008.08.14 07:39:56 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_cs-cz_5ff511dac72f8cd8.manifest
[2008.08.14 07:23:06 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_cs-cz_492cfaeee0d2050d.manifest
[2008.11.22 12:52:06 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9.manifest
[2008.08.14 10:36:16 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_cs-cz_5fcff690c7819979.manifest
[2008.08.14 09:03:05 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_cs-cz_490422d4e1275f6f.manifest
[2009.04.11 11:04:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18005_cs-cz_5fa99224c7d4e0ed.manifest
[2010.04.13 00:15:50 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418.manifest
[2010.04.12 19:44:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_en-us_bac8b1b1037ddf2a.manifest
[2012.10.08 21:37:20 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_cs-cz_5fa96398c7d51666.manifest
[2012.10.08 18:20:22 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_en-us_bac5ddaf03806178.manifest
[2014.07.02 01:14:29 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19134_cs-cz_5facab8cc7d210c9.manifest
[2014.07.02 00:10:09 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19134_en-us_bac925a3037d5bdb.manifest
[2010.04.13 00:51:48 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28.manifest
[2010.04.12 20:41:31 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_en-us_a400d96b1d1fd73a.manifest
[2012.10.08 18:22:39 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_cs-cz_48dfeb6ce178a8d7.manifest
[2012.10.08 17:00:20 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_en-us_a3fc65831d23f3e9.manifest
[2014.07.02 01:23:06 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23436_cs-cz_48ded6f4e179a4b3.manifest
[2014.07.01 23:17:43 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23436_en-us_a3fb510b1d24efc5.manifest
[2006.11.02 14:33:50 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526.manifest
[2008.01.21 04:21:15 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2.manifest
[2009.04.11 00:15:32 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206.manifest
[2010.04.12 20:29:29 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531.manifest
[2012.10.08 18:23:59 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18707_none_02415279e02ff77f.manifest
[2014.07.02 00:20:09 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.19134_none_02449a6de02cf1e2.manifest
[2010.04.12 21:39:45 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41.manifest
[2012.10.08 17:03:34 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22945_none_eb77da4df9d389f0.manifest
[2014.07.01 23:23:24 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.23436_none_eb76c5d5f9d485cc.manifest
[2006.11.02 12:18:20 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6000.16386_none_0f7ecb22afbfde41.manifest
[2008.01.21 04:20:08 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6001.18000_none_11b58d1eacaaef15.manifest
[2009.04.11 00:13:32 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6002.18005_none_13a1062aa9ccba61.manifest
[2006.11.02 12:02:09 | 000,001,406 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.0.6000.16386_none_2a8610ec098ae6c4.manifest
[2006.11.02 14:33:50 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68.manifest
[2008.01.21 04:21:11 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834.manifest
[2009.04.11 00:18:56 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48.manifest
[2010.04.12 20:32:33 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73.manifest
[2012.10.08 18:26:11 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18707_none_071bfe47210691c1.manifest
[2014.07.02 00:21:17 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.19134_none_071f463b21038c24.manifest
[2010.04.12 21:42:39 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783.manifest
[2012.10.08 17:05:32 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22945_none_f052861b3aaa2432.manifest
[2014.07.01 23:24:24 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.23436_none_f05171a33aab200e.manifest
[2006.10.20 03:14:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16386_none_483e6ea12378b3a8\System.Runtime.Serialization.Formatters.Soap.dll
[2008.01.21 04:23:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18000_none_4812f05d23d05c74\System.Runtime.Serialization.Formatters.Soap.dll
[2009.03.30 06:42:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.18005_none_47ee75992421f088\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:18:10 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.19134_none_47f18f01241f2064\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:18:07 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.23436_none_3123ba693dc6b44e\System.Runtime.Serialization.Formatters.Soap.dll
[2008.11.22 12:52:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.16386_cs-cz_0167850d1d10bca1\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.11.22 12:53:54 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.18000_cs-cz_013c06c91d68656d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6002.18005_cs-cz_01178c051db9f981\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6002.19134_cs-cz_011aa56d1db7295d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6002.23436_cs-cz_ea4cd0d5375ebd47\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2006.11.02 14:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3\System.Runtime.Serialization.dll
[2008.01.21 04:25:23 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf\System.Runtime.Serialization.dll
[2009.02.18 20:38:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18005_none_d1fe4b6bb888c0d3\System.Runtime.Serialization.dll
[2010.04.12 14:21:15 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe\System.Runtime.Serialization.dll
[2012.10.08 13:01:09 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18707_none_d1fe1cdfb888f64c\System.Runtime.Serialization.dll
[2014.06.27 00:17:19 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.19134_none_d20164d3b885f0af\System.Runtime.Serialization.dll
[2010.04.12 14:22:49 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e\System.Runtime.Serialization.dll
[2012.10.08 12:59:43 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22945_none_bb34a4b3d22c88bd\System.Runtime.Serialization.dll
[2014.06.21 00:17:55 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.23436_none_bb33903bd22d8499\System.Runtime.Serialization.dll
[2008.11.22 12:53:39 | 000,081,920 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d\System.RunTime.Serialization.Resources.dll
[2008.11.22 12:53:53 | 000,086,016 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18005_cs-cz_5fa99224c7d4e0ed\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_cs-cz_5fac379ac7d29418\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18707_cs-cz_5fa96398c7d51666\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.19134_cs-cz_5facab8cc7d210c9\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_cs-cz_48e45f54e1748c28\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22945_cs-cz_48dfeb6ce178a8d7\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.23436_cs-cz_48ded6f4e179a4b3\System.RunTime.Serialization.Resources.dll
[2006.11.02 14:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526\System.Runtime.Serialization.dll
[2008.01.21 04:25:23 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2\System.Runtime.Serialization.dll
[2009.02.18 20:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18005_none_02418105e02fc206\System.Runtime.Serialization.dll
[2010.04.12 14:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531\System.Runtime.Serialization.dll
[2012.10.08 13:01:03 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18707_none_02415279e02ff77f\System.Runtime.Serialization.dll
[2014.06.27 00:17:18 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.19134_none_02449a6de02cf1e2\System.Runtime.Serialization.dll
[2010.04.12 14:22:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41\System.Runtime.Serialization.dll
[2012.10.08 12:59:29 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22945_none_eb77da4df9d389f0\System.Runtime.Serialization.dll
[2014.06.21 00:17:55 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.23436_none_eb76c5d5f9d485cc\System.Runtime.Serialization.dll
[2008.11.22 12:53:32 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_f15fa7f9f28d5343\serial.sys.mui
[2006.11.02 14:41:26 | 000,010,752 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_34b5f355d987afa1\serial.sys.mui
[2008.01.21 04:23:26 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf_31bf3856ad364e35_6.0.6001.18000_none_955c449145dbf667\serial.sys
[2008.11.22 12:53:22 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_bdf5a8f7ae6b024a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.11.22 12:53:58 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_c02c6af3ab56131e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_c217e3ffa877de6a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6002.19134_cs-cz_c1f65f0fa8912fae\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.03.31 20:04:50 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6002.23436_cs-cz_c282003ac1acfc74\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.11.22 12:53:30 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_4c341f95e6bfb3a8\serialui.dll.mui
[2008.11.22 12:57:41 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_sk-sk_77c6875313d8fdd7\serialui.dll.mui
[2008.11.22 12:54:03 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c\serialui.dll.mui
[2008.01.21 04:23:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6001.18000_none_f501a18e1eaabcb9\serialui.dll
[2008.01.21 04:23:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805\serialui.dll
[2008.11.22 12:53:38 | 000,081,920 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_5b3d50955593c887\System.RunTime.Serialization.Resources.dll
[2008.11.22 12:53:52 | 000,086,016 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_5d741291527ed95b\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_cs-cz_5f5f8b9d4fa0a4a7\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.19134_cs-cz_5f3e06ad4fb9f5eb\System.RunTime.Serialization.Resources.dll
[2009.02.19 03:11:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.23436_cs-cz_5fc9a7d868d5c2b1\System.RunTime.Serialization.Resources.dll
[2008.11.22 12:52:52 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_c27f608a4f515351\serial.sys.mui
[2006.11.02 14:40:54 | 000,010,752 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_05d5abe6364bafaf\serial.sys.mui
[2008.01.21 04:23:01 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\serial.sys
[2008.11.22 12:53:32 | 000,004,096 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_b4070b50f198e261\grserial.sys.mui
[2006.11.02 14:41:26 | 000,004,096 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_f75d56acd8933ebf\grserial.sys.mui
[2008.01.21 04:23:22 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.0.6001.18000_none_72a9e15f343dcd03\grserial.sys
[2006.11.02 14:36:02 | 000,888,832 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68\System.Runtime.Serialization.dll
[2008.01.21 04:25:21 | 000,929,792 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834\System.Runtime.Serialization.dll
[2009.02.18 20:38:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18005_none_071c2cd321065c48\System.Runtime.Serialization.dll
[2010.04.12 14:21:01 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73\System.Runtime.Serialization.dll
[2012.10.08 13:01:03 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18707_none_071bfe47210691c1\System.Runtime.Serialization.dll
[2014.06.27 00:17:18 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.19134_none_071f463b21038c24\System.Runtime.Serialization.dll
[2010.04.12 14:22:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783\System.Runtime.Serialization.dll
[2012.10.08 12:59:29 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22945_none_f052861b3aaa2432\System.Runtime.Serialization.dll
[2014.06.21 00:17:55 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.23436_none_f05171a33aab200e\System.Runtime.Serialization.dll
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:D1B5B4F1
< End of report >
Re: Pomaly notebook vyskakuji okna
OTL Extras logfile created on: 8.9.2014 18:01:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Moris Jan\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,75 Gb Total Physical Memory | 0,63 Gb Available Physical Memory | 35,78% Memory free
3,74 Gb Paging File | 2,34 Gb Available in Paging File | 62,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289,62 Gb Total Space | 98,72 Gb Free Space | 34,08% Space Free | Partition Type: NTFS
Drive D: | 8,47 Gb Total Space | 1,59 Gb Free Space | 18,82% Space Free | Partition Type: NTFS
Computer Name: MORISJAN-PC | User Name: Moris Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0EB8F69F-D1CE-441C-B1C2-A8D7F9E6626D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{11829782-93CF-440E-9B3C-ED1CFBE8DBF1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2FCBF649-64A3-47F2-AF62-291F4247E467}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{4535D932-DE6E-436E-84DD-7171D5855C80}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{4EE13EC7-B1F2-4D3C-82DA-42BC3383B5CC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{717E7986-EF2A-4D7F-90D7-DA055A727633}" = lport=2869 | protocol=6 | dir=in | app=system |
"{94D7F0BC-0659-41FD-92D2-269E038671AF}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A42377C6-0283-4865-BAD6-EC09D25191E9}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B78B7BE6-1BDE-4CA7-A8AC-EA8A2E37CA61}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B98F20FC-A24A-4861-8E3D-A4860E74CBDF}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C1FA0AA5-FBC2-45A5-8E22-EACEDF32254A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{FAA18246-973E-43A3-8040-CE9E35E7655C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FC271F08-2A21-428C-8AD3-A8BAF94CAE75}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B68EE0-3DE5-4757-8884-3799B7D1F7E6}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{13F4EADB-62D4-4039-BC82-FDB2367D3E72}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\rm.exe |
"{14E8C308-4209-4030-B136-A2B3FAD88089}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\umi.exe |
"{189A589A-D023-46E2-A3FF-769DF5F5CB1A}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{33B0048D-FC2E-4969-A746-AFF7365C4E7A}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{33C4B358-5E70-42A9-9369-B33CD6CF911F}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe |
"{3B850F89-4786-4694-A929-176167A71B30}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{4B47C04D-3A50-4105-875D-B1A56B3F4BDE}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"{52B43E01-0586-4461-8B4C-63AB5980D29F}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe |
"{7C1771D8-64D7-47C0-8695-BDF469C6E6B2}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\studio.exe |
"{7CA503F6-F02B-4177-B1D0-9E3027C100D1}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{86CDA336-238F-4411-8F0A-91DAECD93659}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{898117B3-3168-43EC-B86D-B16D755E37C0}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\studio.exe |
"{8DFC3452-D5C7-41A7-A58D-980D157DB277}" = dir=in | app=c:\program files\advanced driver updater\adu.exe |
"{91C9A18D-F69B-44C4-8007-A8930B0791FE}" = dir=in | app=c:\users\moris jan\appdata\roaming\allmyapps\allmyapps.exe |
"{9BDB8F06-B467-4BA7-A43D-D6DBA6C0AB5E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{9E0065E2-583C-4FE1-AC78-E9CB94E3C544}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{AE0B802C-F708-4640-B619-46296617F602}" = dir=in | app=c:\users\moris jan\appdata\roaming\allmyapps\allmyapps.exe |
"{BF706CC8-F254-465F-86B5-69B051F4B63E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgemcx.exe |
"{D41BA7E7-A4DE-4F27-91E1-3AC92B2A5B22}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\umi.exe |
"{E23BC4CF-446E-4330-9D55-00F5569A860B}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{E2C8311A-8A18-45A4-832B-E3AD7B16B5DF}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{E5FD8187-D35F-4D2F-BA0B-639D6C90A572}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgemcx.exe |
"{E6B28BCF-D0B2-4D8D-96E3-36597B899AC0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E70AD81B-AEC3-457F-A899-A792501F483A}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{F2D5D4DB-6ACE-419C-898C-2C1370897CC7}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{F800ACC2-6B77-407A-B674-84DD68ADD8DB}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\rm.exe |
"{F8E81E88-6A88-44E0-BDBB-B8A24673A7D4}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{FB28D1EF-0481-47B8-B325-6CA00EE84C50}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"TCP Query User{2FA54486-ECA3-4C70-85E9-B9A90EB99F8D}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{554F0A98-46BB-4186-BE24-CBD48C4C5A0B}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{8BC07627-DC04-4508-BFCD-0A0F2553E733}C:\program files\winpcap\rpcapd.exe" = protocol=6 | dir=in | app=c:\program files\winpcap\rpcapd.exe |
"TCP Query User{9C2A4DBF-F362-4748-B3AF-4848FD36259A}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{9C6D3ED5-3008-4430-92CB-F967C7608F62}C:\users\moris jan\appdata\local\temp\1dcvvv.exe" = protocol=6 | dir=in | app=c:\users\moris jan\appdata\local\temp\1dcvvv.exe |
"TCP Query User{AB20699E-F459-4B58-B55E-7CF7C1A2690D}C:\program files\nero\nero 9\nero showtime\showtime.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero 9\nero showtime\showtime.exe |
"TCP Query User{AF8388C0-CFE3-470C-A957-4BBF01AB6DD5}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" = protocol=6 | dir=in | app=c:\program files\dsnet corp\atube catcher 2.0\yct.exe |
"UDP Query User{1CDB4040-0F27-43D1-9F6A-74CD7B809FE2}C:\program files\nero\nero 9\nero showtime\showtime.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero 9\nero showtime\showtime.exe |
"UDP Query User{5FA506A9-177D-4916-9FCE-CBA9C15738CF}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" = protocol=17 | dir=in | app=c:\program files\dsnet corp\atube catcher 2.0\yct.exe |
"UDP Query User{6916F703-79A6-4823-A0D7-545F85905762}C:\users\moris jan\appdata\local\temp\1dcvvv.exe" = protocol=17 | dir=in | app=c:\users\moris jan\appdata\local\temp\1dcvvv.exe |
"UDP Query User{7EBEA964-3B70-4A4B-BCFC-4AB5FE7639FF}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{A2CADFCC-9BC5-4BB9-BBA7-EAFA1D3F9F49}C:\program files\winpcap\rpcapd.exe" = protocol=17 | dir=in | app=c:\program files\winpcap\rpcapd.exe |
"UDP Query User{A8B4E171-E319-4171-9D7D-27282FAAAABA}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{B8EBC454-DA12-459F-BE33-08620928B34C}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0260AB54-8507-46A5-ADA7-E5F2C5327408}" = Windows Live Messenger
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero BurningROM
"{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}" = Microsoft .NET Framework 4.5.1 (CSY)
"{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help
"{1CF12F91-6F8B-8111-E3F1-DEF7B666DEFE}" = FlipToast
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{332DB63A-14F2-465D-9C7E-B0D04353323F}" = Registry Reviver
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{496F4FDB-A4A5-4AB1-89C2-7B4FFD37F9F1}" = Základní software zařízení HP Deskjet 1050 J410 series
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59482AA7-3E30-4B5E-A52F-4101DACC2707}" = Nero InCD
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{59C51498-BEDE-4033-BBEE-16908F1EFB47}" = AVG 2014
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Nápověda
"{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}" = Nikon Movie Editor
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{5ED9E38C-9A96-49D8-89B3-92E278003FCF}" = TRS2006
"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{65173BC2-60E7-4DE8-A61D-A81FCB96EE93}" = Pinnacle Studio Ultimate Plugins
"{6533CC5B-8474-4E6E-A5DB-CAC502DA7C86}" = Lišta Centrum.cz
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.1.3.38d
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7ccd7e96-032b-4885-b485-a8123efcb6e0}" = Nero 9
"{7FD71A9E-C4D3-42ED-A998-CDA8290C39A3}" = LightScribe Template Labeler
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.10) - Czech
"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}" = HP User Guides 0118
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BEA3FF0E-D040-4D9A-B939-9AEB28C2EC64}" = Studie zlepšení produktu HP Deskjet 1050 J410 series
"{BF669500-AF84-4D7A-95D3-C6D8D73CF4F1}" = Whales and Dolphins
"{C2B9C70F-165E-450D-9EC1-F7B160016291}" = Living 3D Dolphin
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}" = Google SketchUp 8
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.10.324
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{E64C137C-D0B7-467A-B47F-460AAB30F0A3}" = ViewNX 2
"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{F37413EB-9B55-4764-AC88-90BCBB3D4695}" = AVG 2014
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F4770313-7391-411F-B484-43394A785B97}" = HP Customer Experience Enhancements
"{F4C96E82-14D2-485F-93A9-6B246C40130A}" = HP Easy Setup - Frontend
"{F523590C-E732-44ED-9A9F-88EDA2D97AED}" = Nitro Reader 2
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{FB03A941-815E-42F2-B604-FCE5636DB90B}" = AVG PC TuneUp Language Pack (en-US)
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer
"aTube Catcher" = aTube Catcher
"Audacity_is1" = Audacity 2.0.3
"AVG" = AVG 2014
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.w3i.FlipToast" = FlipToast
"CoreAAC" = CoreAAC
"Easy Karaoke Player_is1" = Easy Karaoke Player version 3.35
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"FormatFactory" = FormatFactory 2.45
"GOM Player" = GOM Player
"Google Desktop" = Google Desktop
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 31.0 (x86 cs)" = Mozilla Firefox 31.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Office Clock - 7_is1" = Office Clock-7 4.02
"Okoker AVI to DVD VCD MPEG WMV AVI Converter&Burner_is1" = Okoker AVI to DVD VCD MPEG WMV AVI Converter&Burner 6.0
"PhotoScape" = PhotoScape
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 2.0.8
"VMidi" = vanBasco's Karaoke Player
"Wav-2-Midi" = Wav-2-Midi
"WinPcapInst" = WinPcap 4.1.1
"XnView_is1" = XnView 1.99
"XP Codec Pack" = XP Codec Pack
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"RewardsArcadeSuite" = RewardsArcadeSuite
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"RewardsArcadeSuite" = RewardsArcadeSuite
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 8.9.2014 1:24:56 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 8.9.2014 1:24:56 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 8.9.2014 1:24:56 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 8.9.2014 1:24:57 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 8.9.2014 1:24:57 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 8.9.2014 1:24:57 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 8.9.2014 1:25:10 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 8.9.2014 1:25:10 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 8.9.2014 1:29:45 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 8.9.2014 1:29:45 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
[ System Events ]
Error - 5.9.2014 18:13:52 | Computer Name = MorisJan-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 5.9.2014 18:37:12 | Computer Name = MorisJan-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003
Description =
Error - 6.9.2014 3:18:22 | Computer Name = MorisJan-PC | Source = DCOM | ID = 10010
Description =
Error - 6.9.2014 3:22:34 | Computer Name = MorisJan-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 6.9.2014 3:26:53 | Computer Name = MorisJan-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 8.9.2014 1:05:41 | Computer Name = MorisJan-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (9:31:42, 6.9.2014) bylo neočekávané.
Error - 8.9.2014 1:07:21 | Computer Name = MorisJan-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 8.9.2014 1:11:30 | Computer Name = MorisJan-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 8.9.2014 1:21:38 | Computer Name = MorisJan-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 8.9.2014 1:28:55 | Computer Name = MorisJan-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003
Description =
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Moris Jan\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,75 Gb Total Physical Memory | 0,63 Gb Available Physical Memory | 35,78% Memory free
3,74 Gb Paging File | 2,34 Gb Available in Paging File | 62,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289,62 Gb Total Space | 98,72 Gb Free Space | 34,08% Space Free | Partition Type: NTFS
Drive D: | 8,47 Gb Total Space | 1,59 Gb Free Space | 18,82% Space Free | Partition Type: NTFS
Computer Name: MORISJAN-PC | User Name: Moris Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0EB8F69F-D1CE-441C-B1C2-A8D7F9E6626D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{11829782-93CF-440E-9B3C-ED1CFBE8DBF1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2FCBF649-64A3-47F2-AF62-291F4247E467}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{4535D932-DE6E-436E-84DD-7171D5855C80}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{4EE13EC7-B1F2-4D3C-82DA-42BC3383B5CC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{717E7986-EF2A-4D7F-90D7-DA055A727633}" = lport=2869 | protocol=6 | dir=in | app=system |
"{94D7F0BC-0659-41FD-92D2-269E038671AF}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A42377C6-0283-4865-BAD6-EC09D25191E9}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B78B7BE6-1BDE-4CA7-A8AC-EA8A2E37CA61}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B98F20FC-A24A-4861-8E3D-A4860E74CBDF}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C1FA0AA5-FBC2-45A5-8E22-EACEDF32254A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{FAA18246-973E-43A3-8040-CE9E35E7655C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FC271F08-2A21-428C-8AD3-A8BAF94CAE75}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B68EE0-3DE5-4757-8884-3799B7D1F7E6}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{13F4EADB-62D4-4039-BC82-FDB2367D3E72}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\rm.exe |
"{14E8C308-4209-4030-B136-A2B3FAD88089}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\umi.exe |
"{189A589A-D023-46E2-A3FF-769DF5F5CB1A}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{33B0048D-FC2E-4969-A746-AFF7365C4E7A}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{33C4B358-5E70-42A9-9369-B33CD6CF911F}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe |
"{3B850F89-4786-4694-A929-176167A71B30}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{4B47C04D-3A50-4105-875D-B1A56B3F4BDE}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"{52B43E01-0586-4461-8B4C-63AB5980D29F}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe |
"{7C1771D8-64D7-47C0-8695-BDF469C6E6B2}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\studio.exe |
"{7CA503F6-F02B-4177-B1D0-9E3027C100D1}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{86CDA336-238F-4411-8F0A-91DAECD93659}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{898117B3-3168-43EC-B86D-B16D755E37C0}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\studio.exe |
"{8DFC3452-D5C7-41A7-A58D-980D157DB277}" = dir=in | app=c:\program files\advanced driver updater\adu.exe |
"{91C9A18D-F69B-44C4-8007-A8930B0791FE}" = dir=in | app=c:\users\moris jan\appdata\roaming\allmyapps\allmyapps.exe |
"{9BDB8F06-B467-4BA7-A43D-D6DBA6C0AB5E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{9E0065E2-583C-4FE1-AC78-E9CB94E3C544}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{AE0B802C-F708-4640-B619-46296617F602}" = dir=in | app=c:\users\moris jan\appdata\roaming\allmyapps\allmyapps.exe |
"{BF706CC8-F254-465F-86B5-69B051F4B63E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgemcx.exe |
"{D41BA7E7-A4DE-4F27-91E1-3AC92B2A5B22}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\umi.exe |
"{E23BC4CF-446E-4330-9D55-00F5569A860B}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{E2C8311A-8A18-45A4-832B-E3AD7B16B5DF}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{E5FD8187-D35F-4D2F-BA0B-639D6C90A572}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgemcx.exe |
"{E6B28BCF-D0B2-4D8D-96E3-36597B899AC0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E70AD81B-AEC3-457F-A899-A792501F483A}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{F2D5D4DB-6ACE-419C-898C-2C1370897CC7}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{F800ACC2-6B77-407A-B674-84DD68ADD8DB}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\rm.exe |
"{F8E81E88-6A88-44E0-BDBB-B8A24673A7D4}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{FB28D1EF-0481-47B8-B325-6CA00EE84C50}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"TCP Query User{2FA54486-ECA3-4C70-85E9-B9A90EB99F8D}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{554F0A98-46BB-4186-BE24-CBD48C4C5A0B}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{8BC07627-DC04-4508-BFCD-0A0F2553E733}C:\program files\winpcap\rpcapd.exe" = protocol=6 | dir=in | app=c:\program files\winpcap\rpcapd.exe |
"TCP Query User{9C2A4DBF-F362-4748-B3AF-4848FD36259A}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{9C6D3ED5-3008-4430-92CB-F967C7608F62}C:\users\moris jan\appdata\local\temp\1dcvvv.exe" = protocol=6 | dir=in | app=c:\users\moris jan\appdata\local\temp\1dcvvv.exe |
"TCP Query User{AB20699E-F459-4B58-B55E-7CF7C1A2690D}C:\program files\nero\nero 9\nero showtime\showtime.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero 9\nero showtime\showtime.exe |
"TCP Query User{AF8388C0-CFE3-470C-A957-4BBF01AB6DD5}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" = protocol=6 | dir=in | app=c:\program files\dsnet corp\atube catcher 2.0\yct.exe |
"UDP Query User{1CDB4040-0F27-43D1-9F6A-74CD7B809FE2}C:\program files\nero\nero 9\nero showtime\showtime.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero 9\nero showtime\showtime.exe |
"UDP Query User{5FA506A9-177D-4916-9FCE-CBA9C15738CF}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" = protocol=17 | dir=in | app=c:\program files\dsnet corp\atube catcher 2.0\yct.exe |
"UDP Query User{6916F703-79A6-4823-A0D7-545F85905762}C:\users\moris jan\appdata\local\temp\1dcvvv.exe" = protocol=17 | dir=in | app=c:\users\moris jan\appdata\local\temp\1dcvvv.exe |
"UDP Query User{7EBEA964-3B70-4A4B-BCFC-4AB5FE7639FF}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{A2CADFCC-9BC5-4BB9-BBA7-EAFA1D3F9F49}C:\program files\winpcap\rpcapd.exe" = protocol=17 | dir=in | app=c:\program files\winpcap\rpcapd.exe |
"UDP Query User{A8B4E171-E319-4171-9D7D-27282FAAAABA}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{B8EBC454-DA12-459F-BE33-08620928B34C}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0260AB54-8507-46A5-ADA7-E5F2C5327408}" = Windows Live Messenger
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero BurningROM
"{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}" = Microsoft .NET Framework 4.5.1 (CSY)
"{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help
"{1CF12F91-6F8B-8111-E3F1-DEF7B666DEFE}" = FlipToast
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{332DB63A-14F2-465D-9C7E-B0D04353323F}" = Registry Reviver
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{496F4FDB-A4A5-4AB1-89C2-7B4FFD37F9F1}" = Základní software zařízení HP Deskjet 1050 J410 series
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59482AA7-3E30-4B5E-A52F-4101DACC2707}" = Nero InCD
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{59C51498-BEDE-4033-BBEE-16908F1EFB47}" = AVG 2014
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Nápověda
"{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}" = Nikon Movie Editor
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{5ED9E38C-9A96-49D8-89B3-92E278003FCF}" = TRS2006
"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{65173BC2-60E7-4DE8-A61D-A81FCB96EE93}" = Pinnacle Studio Ultimate Plugins
"{6533CC5B-8474-4E6E-A5DB-CAC502DA7C86}" = Lišta Centrum.cz
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.1.3.38d
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7ccd7e96-032b-4885-b485-a8123efcb6e0}" = Nero 9
"{7FD71A9E-C4D3-42ED-A998-CDA8290C39A3}" = LightScribe Template Labeler
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.10) - Czech
"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}" = HP User Guides 0118
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BEA3FF0E-D040-4D9A-B939-9AEB28C2EC64}" = Studie zlepšení produktu HP Deskjet 1050 J410 series
"{BF669500-AF84-4D7A-95D3-C6D8D73CF4F1}" = Whales and Dolphins
"{C2B9C70F-165E-450D-9EC1-F7B160016291}" = Living 3D Dolphin
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}" = Google SketchUp 8
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.10.324
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{E64C137C-D0B7-467A-B47F-460AAB30F0A3}" = ViewNX 2
"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{F37413EB-9B55-4764-AC88-90BCBB3D4695}" = AVG 2014
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F4770313-7391-411F-B484-43394A785B97}" = HP Customer Experience Enhancements
"{F4C96E82-14D2-485F-93A9-6B246C40130A}" = HP Easy Setup - Frontend
"{F523590C-E732-44ED-9A9F-88EDA2D97AED}" = Nitro Reader 2
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{FB03A941-815E-42F2-B604-FCE5636DB90B}" = AVG PC TuneUp Language Pack (en-US)
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer
"aTube Catcher" = aTube Catcher
"Audacity_is1" = Audacity 2.0.3
"AVG" = AVG 2014
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.w3i.FlipToast" = FlipToast
"CoreAAC" = CoreAAC
"Easy Karaoke Player_is1" = Easy Karaoke Player version 3.35
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"FormatFactory" = FormatFactory 2.45
"GOM Player" = GOM Player
"Google Desktop" = Google Desktop
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 31.0 (x86 cs)" = Mozilla Firefox 31.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Office Clock - 7_is1" = Office Clock-7 4.02
"Okoker AVI to DVD VCD MPEG WMV AVI Converter&Burner_is1" = Okoker AVI to DVD VCD MPEG WMV AVI Converter&Burner 6.0
"PhotoScape" = PhotoScape
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 2.0.8
"VMidi" = vanBasco's Karaoke Player
"Wav-2-Midi" = Wav-2-Midi
"WinPcapInst" = WinPcap 4.1.1
"XnView_is1" = XnView 1.99
"XP Codec Pack" = XP Codec Pack
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"RewardsArcadeSuite" = RewardsArcadeSuite
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"RewardsArcadeSuite" = RewardsArcadeSuite
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 8.9.2014 1:24:56 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 8.9.2014 1:24:56 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 8.9.2014 1:24:56 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 8.9.2014 1:24:57 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 8.9.2014 1:24:57 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 8.9.2014 1:24:57 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 8.9.2014 1:25:10 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 8.9.2014 1:25:10 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 8.9.2014 1:29:45 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 8.9.2014 1:29:45 | Computer Name = MorisJan-PC | Source = Windows Search Service | ID = 3013
Description =
[ System Events ]
Error - 5.9.2014 18:13:52 | Computer Name = MorisJan-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 5.9.2014 18:37:12 | Computer Name = MorisJan-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003
Description =
Error - 6.9.2014 3:18:22 | Computer Name = MorisJan-PC | Source = DCOM | ID = 10010
Description =
Error - 6.9.2014 3:22:34 | Computer Name = MorisJan-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 6.9.2014 3:26:53 | Computer Name = MorisJan-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 8.9.2014 1:05:41 | Computer Name = MorisJan-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (9:31:42, 6.9.2014) bylo neočekávané.
Error - 8.9.2014 1:07:21 | Computer Name = MorisJan-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 8.9.2014 1:11:30 | Computer Name = MorisJan-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 8.9.2014 1:21:38 | Computer Name = MorisJan-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 8.9.2014 1:28:55 | Computer Name = MorisJan-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003
Description =
< End of report >
Re: Pomaly notebook vyskakuji okna
Napiste mi velikost adresare plochy (C:\Users\Moris Jan\Desktop) Vypnete antivir, at nebrani programu v praci. Znovu spustte OTL jako spravceDo spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)
Kód: Vybrat vše
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]
:services
MBAMSwissArmy
AdobeARMservice
Nero BackItUp Scheduler 4.0
gupdate
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gupdatem
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf94fa94710a2e.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\NeroLiveEpgUpdate-MorisJan-PC_Moris-Jan.job
:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{89F0EFA3-627F-4666-B6B5-BA622E51008A}: "URL" = http://slirsredirect.search.aol.com/sli ... 632&query={searchTerms}&invocationType=tb50hpcnnbie7-cs-cz
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{B5088F42-2168-4891-AAEC-D56D305F9798}: "URL" = http://www.bing.com/search?FORM=DCF4DF&PC=DCF4&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{B5088F42-2168-4891-AAEC-D56D305F9798}: "URL" = http://www.bing.com/search?FORM=DCF4DF&PC=DCF4&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultScope = {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A}
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes,DefaultScope = AE929DE2FC344FE08074098FBC9B928E
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\{252E6241-9506-4A49-B439-DAC7FC915E1B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2737658
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\{2BDB178A-DE3D-44EE-85C1-566ADEF0D457}: "URL" = http://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80923&lng=cs
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\SearchScopes\{89F0EFA3-627F-4666-B6B5-BA622E51008A}: "URL" = http://slirsredirect.search.aol.com/sli ... 632&query={searchTerms}&invocationType=tb50hpcnnbie7-cs-cz
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultScope = {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A}
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{252E6241-9506-4A49-B439-DAC7FC915E1B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2737658
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{2BDB178A-DE3D-44EE-85C1-566ADEF0D457}: "URL" = http://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80923&lng=cs
IE - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{89F0EFA3-627F-4666-B6B5-BA622E51008A}: "URL" = http://slirsredirect.search.aol.com/sli ... 632&query={searchTerms}&invocationType=tb50hpcnnbie7-cs-cz
FF - prefs.js..browser.search.defaultenginename: "Amazon "
FF - prefs.js..browser.search.useDBForOrder: false
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O3 - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O3 - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O9 - Extra Button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - Reg Error: Key error. File not found
O15 - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-4136020796-4189899158-2340523899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\Amazon\AMAZON~1\\AMAZON~1.DLL) - File not found
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[214 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[52 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp -> ]
[7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[20 C:\Windows\System32\config\systemprofile\AppData\Local\Avg2014\temp\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Avg2014\temp\*.tmp -> ]
[2 C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp -> ]
[6 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[142 \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C8BFFH9N\*.tmp files -> \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C8BFFH9N\*.tmp -> ]
[92 \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7ROPBN6\*.tmp files -> \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7ROPBN6\*.tmp -> ]
[139 \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHV3IMUI\*.tmp files -> \Users\Moris Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHV3IMUI\*.tmp -> ]
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 5384 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:D1B5B4F1
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5D9C17C6-093D-43E5-BF3D-4A13D162AB74}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=-
""=-
"Adobe ARM"=-
"seznam-listicka-distribuce"=-
"Windows Defender"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=-
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?
