Prosím o kontrolu logu + Vyřešeno

[misananuk]

v nouzovém režimu: ComboFix 13-02-03.03 - Administráto 04.02.2013 15:22:58.4.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4086.2336 [GMT 1:00]
Spuštěný z: c:\users\Administrßto\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Administrßto\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-04 do 2013-02-04 )))))))))))))))))))))))))))))))
.
.
2013-02-04 14:53 . 2013-02-04 14:53 -------- d-----w- c:\users\Mik\AppData\Local\temp
2013-02-04 14:53 . 2013-02-04 14:53 -------- d-----w- c:\users\M\AppData\Local\temp
2013-02-04 14:53 . 2013-02-04 14:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-03 19:38 . 2013-02-03 19:38 -------- d-----w- c:\users\Administráto\AppData\Roaming\Malwarebytes
2013-02-03 19:38 . 2013-02-03 19:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-03 19:38 . 2013-02-03 19:38 -------- d-----w- c:\programdata\Malwarebytes
2013-02-03 19:38 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-03 19:37 . 2013-02-03 19:37 -------- d-----w- c:\users\Administráto\AppData\Local\Programs
2013-02-03 17:49 . 2013-02-03 17:49 -------- d---a-w- c:\windows\rundll16.exe
2013-02-03 17:49 . 2013-02-03 17:49 -------- d---a-w- c:\windows\logo1_.exe
2013-02-02 15:28 . 2013-01-15 01:45 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2DC8B9F-89B7-42C1-A621-4DB1F0287043}\mpengine.dll
2013-01-30 22:18 . 2013-01-30 22:18 -------- d-----w- c:\program files (x86)\Lavalys
2013-01-30 15:44 . 2012-10-30 22:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-01-30 15:44 . 2012-10-30 22:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-01-30 15:44 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-01-30 15:44 . 2012-10-30 22:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-01-30 15:44 . 2012-10-30 22:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-01-30 15:43 . 2012-10-30 22:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-01-30 15:43 . 2012-10-30 22:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
2013-01-30 15:43 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2013-01-30 15:43 . 2012-10-30 22:50 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2013-01-30 15:43 . 2013-01-30 15:43 -------- d-----w- c:\programdata\AVAST Software
2013-01-30 15:43 . 2013-01-30 15:43 -------- d-----w- c:\program files\AVAST Software
2013-01-30 13:02 . 2013-01-30 22:43 242 ----a-w- c:\windows\DeleteOnReboot.bat
2013-01-30 11:53 . 2013-01-30 11:53 -------- d-----w- c:\program files\trend micro
2013-01-30 11:53 . 2013-01-30 11:53 -------- d-----w- C:\rsit
2013-01-29 22:30 . 2013-01-29 22:30 -------- d---a-w- c:\windows\VDLL.DLL
2013-01-29 22:30 . 2013-01-29 22:30 -------- d---a-w- c:\windows\SysWow64\runouce.exe
2013-01-29 22:30 . 2013-01-29 22:30 -------- d---a-w- c:\windows\RUNDL132.EXE
2013-01-29 22:30 . 2013-01-29 22:30 -------- d---a-w- c:\windows\logo_1.exe
2013-01-29 22:19 . 2013-01-29 22:19 554240 ----a-w- c:\windows\SysWow64\msvcp80.dll
2013-01-29 22:19 . 2013-01-29 22:19 34048 ----a-w- c:\windows\SysWow64\eEmpty.exe
2013-01-29 22:19 . 2013-01-29 22:19 -------- d-----w- c:\program files (x86)\Common Files\MicroWorld
2013-01-29 22:19 . 2013-01-29 22:19 -------- d-----w- c:\programdata\MicroWorld
2013-01-29 20:07 . 2013-01-29 20:07 -------- d-----w- c:\programdata\Local Settings
2013-01-29 20:07 . 2013-01-29 21:59 0 ---ha-w- c:\users\Administráto\AppData\Roaming\winsvcns.sys
2013-01-29 20:07 . 2013-01-30 21:57 -------- d-sh--r- c:\users\Administráto\6438640620394286720310355
2013-01-20 18:05 . 2013-01-20 18:05 -------- d-----w- c:\programdata\ATI
2013-01-20 18:05 . 2013-01-20 18:05 -------- d-----w- c:\program files (x86)\AMD AVT
2013-01-20 18:04 . 2013-01-20 18:04 -------- d-----w- c:\program files (x86)\AMD APP
2013-01-10 00:23 . 2013-01-10 00:26 -------- d-----w- C:\bbbe4d066e61f4ce11b743a7
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-30 13:41 . 2010-06-05 12:37 3090528 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2013-01-30 13:41 . 2011-01-20 11:22 3097056 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1029\ResourceCache.dll
2013-01-29 21:59 . 2013-01-29 20:07 0 ---ha-w- c:\users\Administráto\AppData\Roaming\winsvcns.sys
2013-01-29 21:59 . 2013-01-29 20:07 0 ---ha-w- c:\users\Administráto\AppData\Roaming\winsvcns.sys
2013-01-24 13:26 . 2012-08-29 14:29 37720 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-01-17 00:28 . 2009-11-25 08:45 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-10 00:23 . 2009-11-25 09:42 67599240 ----a-w- c:\windows\system32\MRT.exe
2013-01-09 01:14 . 2012-10-16 09:41 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-09 01:14 . 2011-05-31 08:43 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-19 20:50 . 2009-11-25 02:55 5630200 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-12-19 20:09 . 2012-04-06 02:21 960512 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-12-19 20:08 . 2012-04-06 02:20 1151488 ----a-w- c:\windows\system32\aticfx64.dll
2012-12-19 19:59 . 2012-11-11 13:02 5087744 ----a-w- c:\windows\system32\atiumd6a.dll
2012-12-19 19:57 . 2012-11-11 13:02 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-12-19 19:49 . 2009-11-25 03:04 7370752 ----a-w- c:\windows\system32\atidxx64.dll
2012-12-19 19:44 . 2009-11-25 02:37 4162048 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-12-19 19:44 . 2012-11-11 13:02 6786560 ----a-w- c:\windows\system32\atiumd64.dll
2012-12-19 19:33 . 2012-11-11 13:02 619008 ----a-w- c:\windows\system32\atiadlxx.dll
2012-12-19 19:31 . 2012-04-06 01:09 130048 ----a-w- c:\windows\system32\atiuxp64.dll
2012-12-19 19:31 . 2012-11-11 13:02 104448 ----a-w- c:\windows\system32\atiu9p64.dll
2012-12-19 19:30 . 2012-04-06 01:09 83968 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-12-19 14:45 . 2012-12-19 14:45 222720 ----a-w- c:\windows\system32\clinfo.exe
2012-12-19 14:44 . 2012-12-19 14:44 76288 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-12-19 14:44 . 2012-12-19 14:44 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-12-19 14:44 . 2012-12-19 14:44 64000 ----a-w- c:\windows\system32\OVDecode64.dll
2012-12-19 14:44 . 2012-12-19 14:44 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-12-19 14:44 . 2012-12-19 14:44 34518016 ----a-w- c:\windows\system32\amdocl64.dll
2012-12-19 14:38 . 2012-12-19 14:38 28732928 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-12-19 14:34 . 2012-12-19 14:34 54784 ----a-w- c:\windows\system32\OpenCL.dll
2012-12-19 14:34 . 2012-12-19 14:34 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-12-18 01:06 . 2011-12-23 18:58 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-12-18 01:06 . 2011-04-27 12:19 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-12-16 17:11 . 2012-12-21 00:08 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 00:08 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 00:08 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 00:08 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-11-30 04:45 . 2013-01-09 11:34 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 23:36 . 2011-02-13 15:46 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-11-14 23:36 . 2010-03-10 13:04 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-11-14 07:06 . 2012-12-12 23:42 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-12 23:42 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-12 23:42 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-12 23:42 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-12 23:42 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-12 23:42 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-12 23:42 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-12 23:42 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-12 23:42 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-12 23:42 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-12 23:42 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-12 23:42 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-12 23:42 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-12 23:42 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-12 23:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-12 23:42 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-12 23:42 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-12 23:42 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 23:42 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-12 23:42 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 23:42 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-12 23:42 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-10 23:42 . 2010-03-10 13:04 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-11-09 05:45 . 2012-12-12 11:21 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 11:21 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-07 02:04 . 2010-03-10 13:04 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"RGSC"="c:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2010-02-20 306088]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-12-20 844296]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-12-04 1354736]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-12-20 1476104]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2009-06-14 307200]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-06-05 2171904]
"EEventManager"="c:\program files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe" [2006-03-17 102400]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"RemoteControl8"="c:\program files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-15 91432]
"PDVD8LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472]
"UpdatePPShortCut"="c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-17 218408]
"LGODDFU"="c:\program files (x86)\lg_fwupdate\lgfw.exe" [2012-07-17 27760]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-09-29 210216]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"TkBellExe"="c:\program files (x86)\Common Files\Real\Update_OB\realsched.exe" [2010-05-12 202256]
"SunJavaUpdateSched"="c:\program files (x86)\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-24 132496]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-12-20 310280]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-03-09 15872]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
c:\users\Administráto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Live.lnk - c:\program files (x86)\JRE\Folding@home.exe [2010-2-18 452608]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
LUMIX Simple Viewer.lnk - c:\program files (x86)\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2010-2-19 57344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
R0 CFRMD;CFRMD; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-10-15 87336]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2010-05-25 20568]
R3 DIRECTIO;DIRECTIO;c:\program files (x86)\BurnInTest\DirectIo.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-01-24 1315592]
R3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys [2009-06-10 51712]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-05-25 16392]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-17 1255736]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-18 834544]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-01-24 37720]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35344]
S2 SearchAnonymizer;SearchAnonymizer;c:\users\Administráto\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2010-05-17 40960]
S2 vToolbarUpdater14.0.1;vToolbarUpdater14.0.1;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe [2013-01-24 945328]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-06-02 1207808]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-31 19:09 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-16 01:14]
.
2013-02-03 c:\windows\Tasks\COMODO System Cleaner Update.job
- c:\program files (x86)\COMODO\COMODO System-Cleaner\UpdateApplications.exe [2010-01-26 15:32]
.
2013-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-13 23:06]
.
2013-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-13 23:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Administráto\AppData\Roaming\Mozilla\Firefox\Profiles\czp311v7.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - ExtSQL: 2013-01-30 16:49; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
Binary file temp00 matches
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{855F3B16-6D32-4FE6-8A56-BBB695989046}"=hex:51,66,7a,6c,4c,1d,38,12,78,38,4c,
81,00,23,88,0a,f5,40,f8,f6,90,c6,d4,52
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=hex:51,66,7a,6c,4c,1d,38,12,c2,99,1a,
36,00,8f,58,04,e1,8c,0d,76,4f,1c,0a,03
"{9384BD4C-DD14-4BE9-80F7-F6277511E4F5}"=hex:51,66,7a,6c,4c,1d,38,12,22,be,97,
97,26,93,87,0e,ff,e1,b5,67,70,4f,a0,e1
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=hex:51,66,7a,6c,4c,1d,38,12,11,7f,11,
d0,78,5b,08,05,de,bb,01,03,dd,4c,30,54
"{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4,
91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{3049C3E9-B461-4BC5-8870-4C09146192CA}"=hex:51,66,7a,6c,4c,1d,38,12,87,c0,5a,
34,53,fa,ab,0e,f7,66,0f,49,11,3f,d6,de
"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
"{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B}"=hex:51,66,7a,6c,4c,1d,38,12,eb,77,ac,
6a,ad,5b,91,0e,de,59,fa,a3,af,9a,02,4f
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce,
9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:84,ec,eb,a1,5e,26,cd,01
.
[HKEY_USERS\S-1-5-21-1417383624-3162349305-401947947-1000\Software\SecuROM\License information*]
"datasecu"=hex:e7,48,8f,63,8c,58,0a,86,ac,ee,6c,d3,fc,6c,f6,a3,89,8b,a8,c0,4a,
1c,9e,2a,d5,0e,52,66,aa,a2,1b,14,aa,84,0a,48,cb,e9,c6,fd,41,91,ac,6d,74,db,\
"rkeysecu"=hex:3c,35,dd,a1,d3,b0,ec,30,29,e0,08,13,1b,7a,25,3e
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-02-04 15:55:33
ComboFix-quarantined-files.txt 2013-02-04 14:55
ComboFix2.txt 2013-02-04 13:45
ComboFix3.txt 2013-02-03 21:55
ComboFix4.txt 2013-01-30 15:21
.
Před spuštěním: Volných bajtů: 20 532 576 256
Po spuštění: Volných bajtů: 20 450 172 928
.
- - End Of File - - ACD503F54EE480289D4FECB74369A25E

[Reklama]

[Žbeky]

Nic...


ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

Stáhni si OTC na plochu, spusť jej a klikni na Clean up!


Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[misananuk]

nejde mi to sem vložit, je to moc dlouhé a ani jako příloha... nepodporuje txt

[memphisto]

Vlož sem jen text a rozděl to já více odpovědí

Odesláno z mého GT-I9100 pomocí Tapatalk 2

[misananuk]

OTL logfile created on: 5.2.2013 1:09:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Administráto\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,99 Gb Total Physical Memory | 2,04 Gb Available Physical Memory | 51,06% Memory free
7,98 Gb Paging File | 5,68 Gb Available in Paging File | 71,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596,17 Gb Total Space | 18,26 Gb Free Space | 3,06% Space Free | Partition Type: NTFS

Computer Name: MICHAL | User Name: Administráto | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Administráto\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe ()
PRC - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe (Nokia)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files (x86)\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe (Matsushita Electric Industrial Co., Ltd.)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7f6c86879d27a285cc97c12d59424dd0\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\07753c0a8ed7f9bc61b0ee718f3c779d\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll ()
MOD - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll ()
MOD - C:\Program Files (x86)\Unlocker\UnlockerHook.dll ()
MOD - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGUI4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (CoordinatorServiceHost) -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe (Dassault Systèmes SolidWorks Corp.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (vToolbarUpdater14.0.1) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (SolidWorks Licensing Service) -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)
SRV - (Správce výběru OS) -- C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe ()
SRV - (rpcapd) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (SearchAnonymizer) -- C:\Users\Administráto\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe ()
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (dgderdrv) -- C:\Windows\SysNative\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (RTL8023x64) -- C:\Windows\SysNative\drivers\Rtnic64.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (MarvinBus) -- C:\Windows\SysNative\drivers\MarvinBus64.sys (Pinnacle Systems GmbH)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9F 61 71 DF BF B0 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{03690688-6C31-4589-9F85-1BD1C81B5BFD}: "URL" = http://www.otto.de.anonymize-me.de/?to= ... 2E6465&st={searchTerms}&clid=46b58d7a-ccaa-4c95-b743-366e7dd7eb45&pid=murb&mode=bounce
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com.anonymize-me.de/?an ... 535243&st={searchTerms}&clid=46b58d7a-ccaa-4c95-b743-366e7dd7eb45&pid=murb
IE - HKCU\..\SearchScopes\{40FE215A-9A3F-45BB-81E1-F72628458466}: "URL" = http://search.ebay.de.anonymize-me.de/? ... 2E6465&st={searchTerms}&clid=46b58d7a-ccaa-4c95-b743-366e7dd7eb45&pid=murb&mode=bounce
IE - HKCU\..\SearchScopes\{54205BBD-76EF-40BE-AF0E-D18CC1DF84C1}: "URL" = http://de.wikipedia.org.anonymize-me.de ... 6F7267&st={searchTerms}&clid=46b58d7a-ccaa-4c95-b743-366e7dd7eb45&pid=murb&mode=bounce
IE - HKCU\..\SearchScopes\{61B2CFE5-490B-459B-BF58-DA1061FC2BE0}: "URL" = http://www.myvideo.de.anonymize-me.de/? ... 2E6465&st={searchTerms}&clid=46b58d7a-ccaa-4c95-b743-366e7dd7eb45&pid=murb&mode=bounce
IE - HKCU\..\SearchScopes\{8A33FBA4-AEA4-4BE4-BB28-45067476AC7F}: "URL" = http://www.amazon.de.anonymize-me.de/?t ... 2E6465&st={searchTerms}&clid=46b58d7a-ccaa-4c95-b743-366e7dd7eb45&pid=murb&mode=bounce
IE - HKCU\..\SearchScopes\{9BE64C59-6591-49D8-936A-B07089FF9838}: "URL" = http://www.webhledani.cz/results.aspx?i=39&tp=ie&q={searchTerms}
IE - HKCU\..\SearchScopes\{A859E91E-C967-458F-BFC0-636704F157C8}: "URL" = http://www.pricerunner.de.anonymize-me. ... 2E6465&st={searchTerms}&clid=46b58d7a-ccaa-4c95-b743-366e7dd7eb45&pid=murb&mode=bounce
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.05.12 18:38:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.05.19 17:17:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.01.30 16:43:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.19 11:58:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.19 11:58:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\hideip@hide-ip-soft.com: C:\Windows\vf_hip\ [2010.03.24 11:04:12 | 000,000,000 | ---D | M]

[2010.02.18 18:28:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administráto\AppData\Roaming\mozilla\Extensions
[2010.02.18 18:28:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administráto\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2013.01.30 14:02:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administráto\AppData\Roaming\mozilla\Firefox\Profiles\czp311v7.default\extensions
[2011.03.08 00:58:41 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-10.xml
[2011.03.21 17:53:55 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-11.xml
[2011.03.25 09:19:14 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-12.xml
[2011.05.19 16:57:08 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-13.xml
[2011.06.20 21:52:07 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-14.xml
[2011.08.19 21:27:13 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-15.xml
[2011.10.01 20:14:38 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-16.xml
[2011.10.11 19:12:01 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-17.xml
[2011.11.08 17:48:07 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-18.xml
[2011.11.09 22:48:53 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-19.xml
[2011.12.02 18:49:30 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-20.xml
[2011.12.22 12:56:39 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-21.xml
[2012.01.09 18:05:57 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-22.xml
[2012.01.09 19:59:31 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-23.xml
[2012.02.06 23:42:34 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-24.xml
[2012.02.14 22:01:01 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-25.xml
[2012.02.20 22:25:23 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-26.xml
[2012.03.18 22:23:15 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-27.xml
[2012.04.06 23:01:54 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-28.xml
[2012.05.11 21:43:43 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-29.xml
[2012.06.07 23:01:52 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-30.xml
[2012.06.24 22:37:43 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-31.xml
[2012.08.11 10:12:01 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-32.xml
[2012.09.06 03:06:32 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-33.xml
[2012.09.11 21:30:56 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-34.xml
[2012.10.28 20:55:39 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-35.xml
[2012.10.30 19:53:42 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-36.xml
[2012.12.16 04:34:00 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-37.xml
[2013.01.15 08:21:02 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-38.xml
[2013.01.21 22:25:20 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-39.xml
[2010.08.03 11:43:36 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-4.xml
[2010.08.04 23:29:05 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-5.xml
[2010.09.09 19:13:48 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-6.xml
[2010.10.09 10:58:08 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-7.xml
[2010.10.27 14:03:23 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-8.xml
[2011.02.27 16:48:47 | 000,000,950 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\icqplugin-9.xml
[2010.05.17 20:49:12 | 000,002,152 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\{3DA5AB50-FF2B-4204-9B93-66926F3CB021}.xml
[2010.05.17 20:49:12 | 000,002,041 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\{60B4ACFC-DF24-4435-93BA-9FB99AC305DD}.xml
[2010.05.17 20:49:12 | 000,024,003 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\{73E3B25A-1ED4-46B7-915B-D1192B81FCAF}.xml
[2010.05.17 20:49:12 | 000,002,486 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\{BFA7454B-F309-4F7E-8846-01E7CDCA386F}.xml
[2010.05.17 20:49:12 | 000,001,834 | ---- | M] () -- C:\Users\Administráto\AppData\Roaming\mozilla\firefox\profiles\czp311v7.default\searchplugins\{CB4EA28D-1D41-40E0-9665-1F4D556E1C58}.xml
[2013.01.19 11:58:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.01.19 11:58:36 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.01.19 11:58:36 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.05.12 18:45:29 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll
[2009.10.14 17:21:24 | 000,155,648 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files (x86)\mozilla firefox\plugins\npEModelPlugin.dll
[2006.10.26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL
[2009.12.21 18:34:06 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2010.05.12 18:38:05 | 000,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll
[2010.05.12 18:38:16 | 000,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll
[2010.05.12 18:38:03 | 000,098,304 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll
[2013.01.13 00:11:00 | 000,002,669 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2011.10.11 16:17:00 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2011.10.11 16:17:00 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.10.11 16:17:00 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.10.11 16:17:00 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.10.11 16:17:00 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

[misananuk]

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: EModel scriptable Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npEModelPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Dokumenty Google = C:\Users\Administráto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Administráto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Administráto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Administráto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Administráto\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Administráto\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.1_0\
CHR - Extension: Gmail = C:\Users\Administráto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Space Planet = C:\Users\Administráto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcocpoeoiajndepaaimnnglicichmbb\1.1_0\
CHR - Extension: Dokumenty Google = C:\Users\Administráto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Administráto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Administráto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Administráto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Administráto\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Administráto\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.1_0\
CHR - Extension: Gmail = C:\Users\Administráto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Space Planet = C:\Users\Administráto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcocpoeoiajndepaaimnnglicichmbb\1.1_0\

O1 HOSTS File: ([2013.02.03 22:51:31 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Pomocná služba pro přihlášení ke službě Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LGODDFU] C:\Program Files (x86)\lg_fwupdate\lgfw.exe (Bitleader)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Administráto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Live.lnk = C:\Program Files (x86)\JRE\Folding@home.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Privacy present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EDA280E0-EAF4-4430-B3AD-84E3A0679A60}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysNative\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[misananuk]

========== Files/Folders - Created Within 30 Days ==========

[2013.02.05 01:04:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Administráto\Desktop\OTL.exe
[2013.02.05 00:47:12 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.02.04 15:55:35 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.02.03 20:38:42 | 000,000,000 | ---D | C] -- C:\Users\Administráto\AppData\Roaming\Malwarebytes
[2013.02.03 20:38:30 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.02.03 20:38:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.03 20:38:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.02.03 20:38:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.03 20:37:56 | 000,000,000 | ---D | C] -- C:\Users\Administráto\AppData\Local\Programs
[2013.02.03 18:49:28 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe
[2013.02.03 18:49:28 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe
[2013.02.03 18:13:57 | 000,000,000 | ---D | C] -- C:\Users\Administráto\Desktop\backups
[2013.02.03 17:52:59 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Administráto\Desktop\HiJackThis.exe
[2013.01.30 23:18:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2013.01.30 23:18:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2013.01.30 16:47:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.01.30 16:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.01.30 16:44:15 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.01.30 16:44:14 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.01.30 16:44:07 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.01.30 16:44:06 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.01.30 16:44:05 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.01.30 16:43:59 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.01.30 16:43:58 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.01.30 16:43:36 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2013.01.30 16:43:36 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.01.30 16:43:27 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.01.30 16:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.01.30 15:13:05 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013.01.30 15:09:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.01.30 14:52:29 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013.01.30 12:53:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.01.29 23:30:55 | 000,000,000 | ---D | C] -- C:\Windows\VDLL.DLL
[2013.01.29 23:30:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\runouce.exe
[2013.01.29 23:30:55 | 000,000,000 | ---D | C] -- C:\Windows\RUNDL132.EXE
[2013.01.29 23:30:55 | 000,000,000 | ---D | C] -- C:\Windows\logo_1.exe
[2013.01.29 23:19:56 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll
[2013.01.29 23:19:55 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe
[2013.01.29 23:19:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MicroWorld
[2013.01.29 23:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld
[2013.01.29 21:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Local Settings
[2013.01.29 21:07:01 | 000,000,000 | RHSD | C] -- C:\Users\Administráto\6438640620394286720310355
[2013.01.20 19:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.01.20 19:05:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.01.20 19:04:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013.01.20 19:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013.01.20 19:00:40 | 000,096,256 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\AtihdW76.sys
[2013.01.20 19:00:40 | 000,070,144 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_9.012.dll
[2013.01.20 19:00:39 | 000,109,568 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013.01.20 19:00:38 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013.01.20 19:00:37 | 018,982,400 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2013.01.20 19:00:36 | 023,461,376 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013.01.20 19:00:36 | 011,278,336 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013.01.20 19:00:36 | 000,552,960 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2013.01.20 19:00:36 | 000,550,912 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013.01.20 19:00:36 | 000,240,640 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013.01.20 19:00:36 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2013.01.20 19:00:36 | 000,056,832 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013.01.20 19:00:36 | 000,056,832 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013.01.20 19:00:36 | 000,056,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013.01.20 19:00:36 | 000,056,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013.01.20 19:00:36 | 000,041,984 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2013.01.20 19:00:36 | 000,033,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2013.01.20 19:00:36 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013.01.20 19:00:36 | 000,017,920 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2013.01.20 19:00:36 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2013.01.20 19:00:36 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2013.01.20 19:00:35 | 006,681,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013.01.20 19:00:35 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2013.01.20 19:00:35 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2013.01.20 19:00:34 | 016,082,944 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2013.01.20 19:00:34 | 013,703,168 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2013.01.20 19:00:34 | 000,421,888 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2013.01.20 19:00:34 | 000,163,840 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2013.01.20 19:00:34 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2013.01.20 19:00:34 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2013.01.20 19:00:34 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2013.01.20 19:00:34 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2013.01.19 11:58:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.01.10 01:23:16 | 000,000,000 | ---D | C] -- C:\bbbe4d066e61f4ce11b743a7
[2013.01.09 12:34:53 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.01.09 12:34:53 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.01.09 12:34:48 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.01.09 12:34:47 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013.01.09 12:34:45 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013.01.09 12:34:45 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013.01.09 12:34:45 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013.01.09 12:34:45 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013.01.09 12:34:45 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013.01.09 12:34:45 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013.01.09 12:34:45 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013.01.09 12:34:45 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013.01.09 12:34:45 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013.01.09 12:34:45 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013.01.09 12:34:45 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013.01.09 12:34:45 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013.01.09 12:34:45 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013.01.09 12:34:45 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013.01.09 12:34:45 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013.01.09 12:34:45 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013.01.09 12:34:45 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013.01.09 12:34:45 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013.01.09 12:34:45 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013.01.09 12:34:45 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013.01.09 12:34:45 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013.01.09 12:34:45 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013.01.09 12:34:45 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013.01.09 12:34:45 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013.01.09 12:34:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013.01.09 12:34:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013.01.09 12:34:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013.01.09 12:34:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013.01.09 12:34:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013.01.09 12:34:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013.01.09 12:34:45 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013.01.09 12:34:45 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013.01.09 12:34:32 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.01.09 12:34:32 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.01.09 12:34:32 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.01.09 12:34:32 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.01.09 12:34:32 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.01.09 12:34:32 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.01.09 12:34:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.01.09 12:34:32 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.01.09 12:34:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.01.09 12:34:32 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.01.09 12:34:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 12:34:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.01.09 12:34:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.01.09 12:34:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 12:34:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 12:34:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 12:34:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 12:34:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.01.09 12:34:25 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013.01.06 22:02:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2011.11.23 17:38:28 | 000,704,000 | ---- | C] (Ubisoft) -- C:\Users\Administráto\AppData\Roaming\AssassinsCreedRevelations.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.02.05 01:10:15 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.05 01:10:15 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.05 01:09:01 | 000,000,964 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.05 01:07:10 | 000,304,540 | ---- | M] () -- C:\Users\Administráto\Desktop\Bez názvu.png
[2013.02.05 01:05:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administráto\Desktop\OTL.exe
[2013.02.05 01:03:20 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.05 01:02:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.05 01:02:42 | 3213,402,112 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.05 00:56:33 | 000,113,694 | ---- | M] () -- C:\Users\Administráto\Documents\cc_20130205_005626.reg
[2013.02.05 00:14:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.04 21:56:59 | 000,036,855 | ---- | M] () -- C:\Users\Administráto\Desktop\Teddy-Bear-2012.srt
[2013.02.04 21:40:04 | 734,433,280 | ---- | M] () -- C:\Users\Administráto\Desktop\Teddy-Bear-2012.avi
[2013.02.04 20:39:00 | 000,000,482 | ---- | M] () -- C:\Windows\tasks\COMODO System Cleaner Update.job
[2013.02.03 22:51:31 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.02.03 20:45:35 | 000,582,093 | ---- | M] () -- C:\Users\Administráto\Desktop\adwcleaner.exe
[2013.02.03 20:38:31 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.02.03 19:00:43 | 000,141,233 | ---- | M] () -- C:\Users\Administráto\Documents\pinfect.zip
[2013.02.03 18:30:16 | 000,000,054 | ---- | M] () -- C:\Windows\Lic.xxx
[2013.02.03 17:53:01 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Administráto\Desktop\HiJackThis.exe
[2013.01.30 23:43:11 | 000,000,242 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.01.30 23:18:13 | 000,001,113 | ---- | M] () -- C:\Users\Administráto\Desktop\EVEREST Home Edition.lnk
[2013.01.30 16:44:17 | 000,001,969 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.01.30 16:43:59 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.01.29 23:52:27 | 000,000,344 | ---- | M] () -- C:\Windows\lgfwup.ini
[2013.01.29 23:19:55 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll
[2013.01.29 23:19:54 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe
[2013.01.29 23:19:06 | 068,866,904 | ---- | M] () -- C:\Users\Administráto\Desktop\mwav.exe
[2013.01.29 22:59:37 | 000,000,000 | -H-- | M] () -- C:\Users\Administráto\AppData\Roaming\winsvcns.sys
[2013.01.24 14:26:34 | 000,037,720 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.01.10 08:07:49 | 000,638,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.10 01:33:09 | 001,747,650 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.01.10 01:33:09 | 000,735,010 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.01.10 01:33:09 | 000,720,404 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.10 01:33:09 | 000,165,732 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.01.10 01:33:09 | 000,146,366 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.10 01:32:54 | 001,747,650 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.09 02:14:12 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.01.09 02:14:12 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.01.07 23:48:33 | 939,587,517 | ---- | M] () -- C:\Users\Administráto\Desktop\warrior.avi
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.02.05 01:07:10 | 000,304,540 | ---- | C] () -- C:\Users\Administráto\Desktop\Bez názvu.png
[2013.02.05 00:56:30 | 000,113,694 | ---- | C] () -- C:\Users\Administráto\Documents\cc_20130205_005626.reg
[2013.02.04 21:56:58 | 000,036,855 | ---- | C] () -- C:\Users\Administráto\Desktop\Teddy-Bear-2012.srt
[2013.02.04 20:51:59 | 734,433,280 | ---- | C] () -- C:\Users\Administráto\Desktop\Teddy-Bear-2012.avi
[2013.02.03 20:45:29 | 000,582,093 | ---- | C] () -- C:\Users\Administráto\Desktop\adwcleaner.exe
[2013.02.03 20:38:31 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.31 04:08:08 | 000,141,233 | ---- | C] () -- C:\Users\Administráto\Documents\pinfect.zip
[2013.01.30 23:18:13 | 000,001,113 | ---- | C] () -- C:\Users\Administráto\Desktop\EVEREST Home Edition.lnk
[2013.01.30 16:44:17 | 000,001,969 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.01.30 16:43:58 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013.01.30 14:02:09 | 000,000,242 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013.01.29 23:20:45 | 000,000,054 | ---- | C] () -- C:\Windows\Lic.xxx
[2013.01.29 23:16:11 | 068,866,904 | ---- | C] () -- C:\Users\Administráto\Desktop\mwav.exe
[2013.01.29 21:07:05 | 000,000,000 | -H-- | C] () -- C:\Users\Administráto\AppData\Roaming\winsvcns.sys
[2013.01.20 19:00:40 | 000,228,528 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik_nd.dat
[2013.01.20 19:00:39 | 003,093,792 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013.01.20 19:00:39 | 000,228,528 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik.dat
[2013.01.20 19:00:39 | 000,076,660 | ---- | C] () -- C:\Windows\SysNative\ativce02.dat
[2013.01.20 19:00:38 | 003,061,872 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013.01.20 19:00:37 | 000,042,719 | ---- | C] () -- C:\Windows\atiogl.xml
[2013.01.20 19:00:36 | 000,662,786 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2013.01.20 19:00:34 | 000,327,960 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013.01.20 19:00:34 | 000,327,960 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013.01.07 22:07:03 | 939,587,517 | ---- | C] () -- C:\Users\Administráto\Desktop\warrior.avi
[2012.06.21 09:37:14 | 003,166,792 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.05.02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.04.06 02:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.04.06 02:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.12.25 23:18:27 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.12.23 19:58:28 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.11.23 17:38:28 | 046,593,024 | ---- | C] () -- C:\Users\Administráto\AppData\Roaming\ACRPR.exe
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.04.27 13:19:30 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.04.27 13:19:30 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.04.27 13:19:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.04.27 13:19:30 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.01.15 18:24:51 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.12.15 22:22:57 | 000,015,872 | ---- | C] () -- C:\Users\Administráto\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2010.09.28 20:54:36 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\avidemux
[2010.02.19 14:22:13 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\DAEMON Tools Lite
[2013.01.30 22:57:16 | 000,000,000 | -HSD | M] -- C:\Users\Administráto\AppData\Roaming\EF0057
[2010.03.25 06:15:24 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\EPSON
[2010.06.28 18:56:52 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\FMA
[2010.08.24 14:19:43 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\FreeMediaCatcher
[2010.05.21 20:15:14 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\GlarySoft
[2010.12.15 22:22:53 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\HighAndes
[2012.12.01 01:18:10 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\ICQ
[2011.01.21 22:14:15 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\JetBrains
[2010.10.30 09:59:01 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Leadertech
[2010.05.19 17:17:57 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Nokia
[2012.01.30 11:38:39 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\ObjectivePET
[2010.05.17 20:49:10 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\OCS
[2010.05.17 20:49:12 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Opera
[2012.12.01 02:03:56 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Origin
[2010.02.21 00:09:09 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Panasonic
[2010.05.19 17:17:55 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\PC Suite
[2011.06.17 21:35:03 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\PhotoFiltre
[2011.07.06 21:21:15 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Rovio
[2012.04.03 19:42:57 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Samsung
[2010.05.16 22:03:41 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\SanDisk
[2010.08.24 14:11:49 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\SuperMP3Download
[2012.04.04 16:54:25 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Temp
[2010.03.09 15:18:15 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Thinstall
[2012.11.07 02:54:42 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Ubisoft
[2012.07.03 17:05:42 | 000,000,000 | -HSD | M] -- C:\Users\Administráto\AppData\Roaming\wyUpdate AU
[2010.09.28 20:49:22 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\XMedia Recode
[2011.12.24 19:41:42 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Zoner

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2010.03.09 16:39:20 | 000,000,000 | ---D | M](C:\Users\Administráto\??? ?????????) -- C:\Users\Administráto\Мои документы
[2010.03.09 16:39:20 | 000,000,000 | ---D | M](C:\Users\Administráto\??? ?????????) -- C:\Users\Administráto\Мои документы
(C:\Users\Administráto\??? ?????????) -- C:\Users\Administráto\Мои документы

< End of report >

[misananuk]

========== Files/Folders - Created Within 30 Days ==========

[2013.02.05 01:04:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Administráto\Desktop\OTL.exe
[2013.02.05 00:47:12 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.02.04 15:55:35 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.02.03 20:38:42 | 000,000,000 | ---D | C] -- C:\Users\Administráto\AppData\Roaming\Malwarebytes
[2013.02.03 20:38:30 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.02.03 20:38:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.03 20:38:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.02.03 20:38:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.03 20:37:56 | 000,000,000 | ---D | C] -- C:\Users\Administráto\AppData\Local\Programs
[2013.02.03 18:49:28 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe
[2013.02.03 18:49:28 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe
[2013.02.03 18:13:57 | 000,000,000 | ---D | C] -- C:\Users\Administráto\Desktop\backups
[2013.02.03 17:52:59 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Administráto\Desktop\HiJackThis.exe
[2013.01.30 23:18:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2013.01.30 23:18:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2013.01.30 16:47:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.01.30 16:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.01.30 16:44:15 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.01.30 16:44:14 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.01.30 16:44:07 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.01.30 16:44:06 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.01.30 16:44:05 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.01.30 16:43:59 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.01.30 16:43:58 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.01.30 16:43:36 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2013.01.30 16:43:36 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.01.30 16:43:27 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.01.30 16:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.01.30 15:13:05 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013.01.30 15:09:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.01.30 14:52:29 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013.01.30 12:53:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.01.29 23:30:55 | 000,000,000 | ---D | C] -- C:\Windows\VDLL.DLL
[2013.01.29 23:30:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\runouce.exe
[2013.01.29 23:30:55 | 000,000,000 | ---D | C] -- C:\Windows\RUNDL132.EXE
[2013.01.29 23:30:55 | 000,000,000 | ---D | C] -- C:\Windows\logo_1.exe
[2013.01.29 23:19:56 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll
[2013.01.29 23:19:55 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe
[2013.01.29 23:19:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MicroWorld
[2013.01.29 23:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld
[2013.01.29 21:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Local Settings
[2013.01.29 21:07:01 | 000,000,000 | RHSD | C] -- C:\Users\Administráto\6438640620394286720310355
[2013.01.20 19:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.01.20 19:05:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.01.20 19:04:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013.01.20 19:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013.01.20 19:00:40 | 000,096,256 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\AtihdW76.sys
[2013.01.20 19:00:40 | 000,070,144 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_9.012.dll
[2013.01.20 19:00:39 | 000,109,568 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013.01.20 19:00:38 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013.01.20 19:00:37 | 018,982,400 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2013.01.20 19:00:36 | 023,461,376 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013.01.20 19:00:36 | 011,278,336 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013.01.20 19:00:36 | 000,552,960 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2013.01.20 19:00:36 | 000,550,912 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013.01.20 19:00:36 | 000,240,640 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013.01.20 19:00:36 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2013.01.20 19:00:36 | 000,056,832 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013.01.20 19:00:36 | 000,056,832 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013.01.20 19:00:36 | 000,056,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013.01.20 19:00:36 | 000,056,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013.01.20 19:00:36 | 000,041,984 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2013.01.20 19:00:36 | 000,033,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2013.01.20 19:00:36 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013.01.20 19:00:36 | 000,017,920 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2013.01.20 19:00:36 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2013.01.20 19:00:36 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2013.01.20 19:00:35 | 006,681,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013.01.20 19:00:35 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2013.01.20 19:00:35 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2013.01.20 19:00:34 | 016,082,944 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2013.01.20 19:00:34 | 013,703,168 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2013.01.20 19:00:34 | 000,421,888 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2013.01.20 19:00:34 | 000,163,840 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2013.01.20 19:00:34 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2013.01.20 19:00:34 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2013.01.20 19:00:34 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2013.01.20 19:00:34 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2013.01.19 11:58:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.01.10 01:23:16 | 000,000,000 | ---D | C] -- C:\bbbe4d066e61f4ce11b743a7
[2013.01.09 12:34:53 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.01.09 12:34:53 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.01.09 12:34:48 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.01.09 12:34:47 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013.01.09 12:34:45 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013.01.09 12:34:45 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013.01.09 12:34:45 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013.01.09 12:34:45 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013.01.09 12:34:45 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013.01.09 12:34:45 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013.01.09 12:34:45 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013.01.09 12:34:45 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013.01.09 12:34:45 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013.01.09 12:34:45 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013.01.09 12:34:45 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013.01.09 12:34:45 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013.01.09 12:34:45 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013.01.09 12:34:45 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013.01.09 12:34:45 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013.01.09 12:34:45 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013.01.09 12:34:45 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013.01.09 12:34:45 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013.01.09 12:34:45 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013.01.09 12:34:45 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013.01.09 12:34:45 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013.01.09 12:34:45 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013.01.09 12:34:45 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013.01.09 12:34:45 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013.01.09 12:34:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013.01.09 12:34:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013.01.09 12:34:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013.01.09 12:34:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013.01.09 12:34:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013.01.09 12:34:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013.01.09 12:34:45 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013.01.09 12:34:45 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013.01.09 12:34:32 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.01.09 12:34:32 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.01.09 12:34:32 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.01.09 12:34:32 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.01.09 12:34:32 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.01.09 12:34:32 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.01.09 12:34:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.01.09 12:34:32 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.01.09 12:34:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.01.09 12:34:32 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.01.09 12:34:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 12:34:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.01.09 12:34:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.01.09 12:34:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 12:34:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 12:34:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 12:34:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 12:34:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.01.09 12:34:25 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013.01.06 22:02:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2011.11.23 17:38:28 | 000,704,000 | ---- | C] (Ubisoft) -- C:\Users\Administráto\AppData\Roaming\AssassinsCreedRevelations.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.02.05 01:10:15 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.05 01:10:15 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.05 01:09:01 | 000,000,964 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.05 01:07:10 | 000,304,540 | ---- | M] () -- C:\Users\Administráto\Desktop\Bez názvu.png
[2013.02.05 01:05:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administráto\Desktop\OTL.exe
[2013.02.05 01:03:20 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.05 01:02:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.05 01:02:42 | 3213,402,112 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.05 00:56:33 | 000,113,694 | ---- | M] () -- C:\Users\Administráto\Documents\cc_20130205_005626.reg
[2013.02.05 00:14:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.04 21:56:59 | 000,036,855 | ---- | M] () -- C:\Users\Administráto\Desktop\Teddy-Bear-2012.srt
[2013.02.04 21:40:04 | 734,433,280 | ---- | M] () -- C:\Users\Administráto\Desktop\Teddy-Bear-2012.avi
[2013.02.04 20:39:00 | 000,000,482 | ---- | M] () -- C:\Windows\tasks\COMODO System Cleaner Update.job
[2013.02.03 22:51:31 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.02.03 20:45:35 | 000,582,093 | ---- | M] () -- C:\Users\Administráto\Desktop\adwcleaner.exe
[2013.02.03 20:38:31 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.02.03 19:00:43 | 000,141,233 | ---- | M] () -- C:\Users\Administráto\Documents\pinfect.zip
[2013.02.03 18:30:16 | 000,000,054 | ---- | M] () -- C:\Windows\Lic.xxx
[2013.02.03 17:53:01 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Administráto\Desktop\HiJackThis.exe
[2013.01.30 23:43:11 | 000,000,242 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.01.30 23:18:13 | 000,001,113 | ---- | M] () -- C:\Users\Administráto\Desktop\EVEREST Home Edition.lnk
[2013.01.30 16:44:17 | 000,001,969 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.01.30 16:43:59 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.01.29 23:52:27 | 000,000,344 | ---- | M] () -- C:\Windows\lgfwup.ini
[2013.01.29 23:19:55 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll
[2013.01.29 23:19:54 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe
[2013.01.29 23:19:06 | 068,866,904 | ---- | M] () -- C:\Users\Administráto\Desktop\mwav.exe
[2013.01.29 22:59:37 | 000,000,000 | -H-- | M] () -- C:\Users\Administráto\AppData\Roaming\winsvcns.sys
[2013.01.24 14:26:34 | 000,037,720 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.01.10 08:07:49 | 000,638,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.10 01:33:09 | 001,747,650 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.01.10 01:33:09 | 000,735,010 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.01.10 01:33:09 | 000,720,404 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.10 01:33:09 | 000,165,732 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.01.10 01:33:09 | 000,146,366 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.10 01:32:54 | 001,747,650 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.09 02:14:12 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.01.09 02:14:12 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.01.07 23:48:33 | 939,587,517 | ---- | M] () -- C:\Users\Administráto\Desktop\warrior.avi
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.02.05 01:07:10 | 000,304,540 | ---- | C] () -- C:\Users\Administráto\Desktop\Bez názvu.png
[2013.02.05 00:56:30 | 000,113,694 | ---- | C] () -- C:\Users\Administráto\Documents\cc_20130205_005626.reg
[2013.02.04 21:56:58 | 000,036,855 | ---- | C] () -- C:\Users\Administráto\Desktop\Teddy-Bear-2012.srt
[2013.02.04 20:51:59 | 734,433,280 | ---- | C] () -- C:\Users\Administráto\Desktop\Teddy-Bear-2012.avi
[2013.02.03 20:45:29 | 000,582,093 | ---- | C] () -- C:\Users\Administráto\Desktop\adwcleaner.exe
[2013.02.03 20:38:31 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.31 04:08:08 | 000,141,233 | ---- | C] () -- C:\Users\Administráto\Documents\pinfect.zip
[2013.01.30 23:18:13 | 000,001,113 | ---- | C] () -- C:\Users\Administráto\Desktop\EVEREST Home Edition.lnk
[2013.01.30 16:44:17 | 000,001,969 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.01.30 16:43:58 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013.01.30 14:02:09 | 000,000,242 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013.01.29 23:20:45 | 000,000,054 | ---- | C] () -- C:\Windows\Lic.xxx
[2013.01.29 23:16:11 | 068,866,904 | ---- | C] () -- C:\Users\Administráto\Desktop\mwav.exe
[2013.01.29 21:07:05 | 000,000,000 | -H-- | C] () -- C:\Users\Administráto\AppData\Roaming\winsvcns.sys
[2013.01.20 19:00:40 | 000,228,528 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik_nd.dat
[2013.01.20 19:00:39 | 003,093,792 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013.01.20 19:00:39 | 000,228,528 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik.dat
[2013.01.20 19:00:39 | 000,076,660 | ---- | C] () -- C:\Windows\SysNative\ativce02.dat
[2013.01.20 19:00:38 | 003,061,872 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013.01.20 19:00:37 | 000,042,719 | ---- | C] () -- C:\Windows\atiogl.xml
[2013.01.20 19:00:36 | 000,662,786 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2013.01.20 19:00:34 | 000,327,960 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013.01.20 19:00:34 | 000,327,960 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013.01.07 22:07:03 | 939,587,517 | ---- | C] () -- C:\Users\Administráto\Desktop\warrior.avi
[2012.06.21 09:37:14 | 003,166,792 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.05.02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.04.06 02:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.04.06 02:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.12.25 23:18:27 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.12.23 19:58:28 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.11.23 17:38:28 | 046,593,024 | ---- | C] () -- C:\Users\Administráto\AppData\Roaming\ACRPR.exe
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.04.27 13:19:30 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.04.27 13:19:30 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.04.27 13:19:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.04.27 13:19:30 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.01.15 18:24:51 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.12.15 22:22:57 | 000,015,872 | ---- | C] () -- C:\Users\Administráto\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2010.09.28 20:54:36 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\avidemux
[2010.02.19 14:22:13 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\DAEMON Tools Lite
[2013.01.30 22:57:16 | 000,000,000 | -HSD | M] -- C:\Users\Administráto\AppData\Roaming\EF0057
[2010.03.25 06:15:24 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\EPSON
[2010.06.28 18:56:52 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\FMA
[2010.08.24 14:19:43 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\FreeMediaCatcher
[2010.05.21 20:15:14 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\GlarySoft
[2010.12.15 22:22:53 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\HighAndes
[2012.12.01 01:18:10 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\ICQ
[2011.01.21 22:14:15 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\JetBrains
[2010.10.30 09:59:01 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Leadertech
[2010.05.19 17:17:57 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Nokia
[2012.01.30 11:38:39 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\ObjectivePET
[2010.05.17 20:49:10 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\OCS
[2010.05.17 20:49:12 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Opera
[2012.12.01 02:03:56 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Origin
[2010.02.21 00:09:09 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Panasonic
[2010.05.19 17:17:55 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\PC Suite
[2011.06.17 21:35:03 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\PhotoFiltre
[2011.07.06 21:21:15 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Rovio
[2012.04.03 19:42:57 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Samsung
[2010.05.16 22:03:41 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\SanDisk
[2010.08.24 14:11:49 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\SuperMP3Download
[2012.04.04 16:54:25 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Temp
[2010.03.09 15:18:15 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Thinstall
[2012.11.07 02:54:42 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Ubisoft
[2012.07.03 17:05:42 | 000,000,000 | -HSD | M] -- C:\Users\Administráto\AppData\Roaming\wyUpdate AU
[2010.09.28 20:49:22 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\XMedia Recode
[2011.12.24 19:41:42 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Zoner

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2010.03.09 16:39:20 | 000,000,000 | ---D | M](C:\Users\Administráto\??? ?????????) -- C:\Users\Administráto\Мои документы
[2010.03.09 16:39:20 | 000,000,000 | ---D | M](C:\Users\Administráto\??? ?????????) -- C:\Users\Administráto\Мои документы
(C:\Users\Administráto\??? ?????????) -- C:\Users\Administráto\Мои документы

< End of report >

[misananuk]

========== Files/Folders - Created Within 30 Days ==========

[2013.02.05 01:04:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Administráto\Desktop\OTL.exe
[2013.02.05 00:47:12 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.02.04 15:55:35 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.02.03 20:38:42 | 000,000,000 | ---D | C] -- C:\Users\Administráto\AppData\Roaming\Malwarebytes
[2013.02.03 20:38:30 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.02.03 20:38:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.03 20:38:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.02.03 20:38:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.03 20:37:56 | 000,000,000 | ---D | C] -- C:\Users\Administráto\AppData\Local\Programs
[2013.02.03 18:49:28 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe
[2013.02.03 18:49:28 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe
[2013.02.03 18:13:57 | 000,000,000 | ---D | C] -- C:\Users\Administráto\Desktop\backups
[2013.02.03 17:52:59 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Administráto\Desktop\HiJackThis.exe
[2013.01.30 23:18:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2013.01.30 23:18:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2013.01.30 16:47:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.01.30 16:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.01.30 16:44:15 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.01.30 16:44:14 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.01.30 16:44:07 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.01.30 16:44:06 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.01.30 16:44:05 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.01.30 16:43:59 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.01.30 16:43:58 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.01.30 16:43:36 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2013.01.30 16:43:36 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.01.30 16:43:27 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.01.30 16:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.01.30 15:13:05 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013.01.30 15:09:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.01.30 14:52:29 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013.01.30 12:53:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.01.29 23:30:55 | 000,000,000 | ---D | C] -- C:\Windows\VDLL.DLL
[2013.01.29 23:30:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\runouce.exe
[2013.01.29 23:30:55 | 000,000,000 | ---D | C] -- C:\Windows\RUNDL132.EXE
[2013.01.29 23:30:55 | 000,000,000 | ---D | C] -- C:\Windows\logo_1.exe
[2013.01.29 23:19:56 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll
[2013.01.29 23:19:55 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe
[2013.01.29 23:19:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MicroWorld
[2013.01.29 23:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld
[2013.01.29 21:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Local Settings
[2013.01.29 21:07:01 | 000,000,000 | RHSD | C] -- C:\Users\Administráto\6438640620394286720310355
[2013.01.20 19:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.01.20 19:05:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.01.20 19:04:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013.01.20 19:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013.01.20 19:00:40 | 000,096,256 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\AtihdW76.sys
[2013.01.20 19:00:40 | 000,070,144 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_9.012.dll
[2013.01.20 19:00:39 | 000,109,568 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013.01.20 19:00:38 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013.01.20 19:00:37 | 018,982,400 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2013.01.20 19:00:36 | 023,461,376 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013.01.20 19:00:36 | 011,278,336 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013.01.20 19:00:36 | 000,552,960 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2013.01.20 19:00:36 | 000,550,912 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013.01.20 19:00:36 | 000,240,640 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013.01.20 19:00:36 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2013.01.20 19:00:36 | 000,056,832 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013.01.20 19:00:36 | 000,056,832 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013.01.20 19:00:36 | 000,056,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013.01.20 19:00:36 | 000,056,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013.01.20 19:00:36 | 000,041,984 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2013.01.20 19:00:36 | 000,033,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2013.01.20 19:00:36 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013.01.20 19:00:36 | 000,017,920 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2013.01.20 19:00:36 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2013.01.20 19:00:36 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2013.01.20 19:00:35 | 006,681,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013.01.20 19:00:35 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2013.01.20 19:00:35 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2013.01.20 19:00:34 | 016,082,944 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2013.01.20 19:00:34 | 013,703,168 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2013.01.20 19:00:34 | 000,421,888 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2013.01.20 19:00:34 | 000,163,840 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2013.01.20 19:00:34 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2013.01.20 19:00:34 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2013.01.20 19:00:34 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2013.01.20 19:00:34 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2013.01.19 11:58:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.01.10 01:23:16 | 000,000,000 | ---D | C] -- C:\bbbe4d066e61f4ce11b743a7
[2013.01.09 12:34:53 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.01.09 12:34:53 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.01.09 12:34:48 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.01.09 12:34:47 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013.01.09 12:34:45 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013.01.09 12:34:45 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013.01.09 12:34:45 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013.01.09 12:34:45 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013.01.09 12:34:45 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013.01.09 12:34:45 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013.01.09 12:34:45 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013.01.09 12:34:45 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013.01.09 12:34:45 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013.01.09 12:34:45 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013.01.09 12:34:45 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013.01.09 12:34:45 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013.01.09 12:34:45 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013.01.09 12:34:45 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013.01.09 12:34:45 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013.01.09 12:34:45 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013.01.09 12:34:45 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013.01.09 12:34:45 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013.01.09 12:34:45 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013.01.09 12:34:45 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013.01.09 12:34:45 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013.01.09 12:34:45 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013.01.09 12:34:45 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013.01.09 12:34:45 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013.01.09 12:34:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013.01.09 12:34:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013.01.09 12:34:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013.01.09 12:34:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013.01.09 12:34:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013.01.09 12:34:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013.01.09 12:34:45 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013.01.09 12:34:45 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013.01.09 12:34:32 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.01.09 12:34:32 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.01.09 12:34:32 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.01.09 12:34:32 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.01.09 12:34:32 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.01.09 12:34:32 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.01.09 12:34:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.01.09 12:34:32 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.01.09 12:34:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.01.09 12:34:32 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.01.09 12:34:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 12:34:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.01.09 12:34:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.01.09 12:34:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 12:34:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 12:34:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 12:34:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 12:34:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 12:34:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 12:34:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.01.09 12:34:25 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013.01.06 22:02:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2011.11.23 17:38:28 | 000,704,000 | ---- | C] (Ubisoft) -- C:\Users\Administráto\AppData\Roaming\AssassinsCreedRevelations.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.02.05 01:10:15 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.05 01:10:15 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.05 01:09:01 | 000,000,964 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.05 01:07:10 | 000,304,540 | ---- | M] () -- C:\Users\Administráto\Desktop\Bez názvu.png
[2013.02.05 01:05:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administráto\Desktop\OTL.exe
[2013.02.05 01:03:20 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.05 01:02:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.05 01:02:42 | 3213,402,112 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.05 00:56:33 | 000,113,694 | ---- | M] () -- C:\Users\Administráto\Documents\cc_20130205_005626.reg
[2013.02.05 00:14:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.04 21:56:59 | 000,036,855 | ---- | M] () -- C:\Users\Administráto\Desktop\Teddy-Bear-2012.srt
[2013.02.04 21:40:04 | 734,433,280 | ---- | M] () -- C:\Users\Administráto\Desktop\Teddy-Bear-2012.avi
[2013.02.04 20:39:00 | 000,000,482 | ---- | M] () -- C:\Windows\tasks\COMODO System Cleaner Update.job
[2013.02.03 22:51:31 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.02.03 20:45:35 | 000,582,093 | ---- | M] () -- C:\Users\Administráto\Desktop\adwcleaner.exe
[2013.02.03 20:38:31 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.02.03 19:00:43 | 000,141,233 | ---- | M] () -- C:\Users\Administráto\Documents\pinfect.zip
[2013.02.03 18:30:16 | 000,000,054 | ---- | M] () -- C:\Windows\Lic.xxx
[2013.02.03 17:53:01 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Administráto\Desktop\HiJackThis.exe
[2013.01.30 23:43:11 | 000,000,242 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.01.30 23:18:13 | 000,001,113 | ---- | M] () -- C:\Users\Administráto\Desktop\EVEREST Home Edition.lnk
[2013.01.30 16:44:17 | 000,001,969 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.01.30 16:43:59 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.01.29 23:52:27 | 000,000,344 | ---- | M] () -- C:\Windows\lgfwup.ini
[2013.01.29 23:19:55 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll
[2013.01.29 23:19:54 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe
[2013.01.29 23:19:06 | 068,866,904 | ---- | M] () -- C:\Users\Administráto\Desktop\mwav.exe
[2013.01.29 22:59:37 | 000,000,000 | -H-- | M] () -- C:\Users\Administráto\AppData\Roaming\winsvcns.sys
[2013.01.24 14:26:34 | 000,037,720 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.01.10 08:07:49 | 000,638,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.10 01:33:09 | 001,747,650 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.01.10 01:33:09 | 000,735,010 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.01.10 01:33:09 | 000,720,404 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.10 01:33:09 | 000,165,732 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.01.10 01:33:09 | 000,146,366 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.10 01:32:54 | 001,747,650 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.09 02:14:12 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.01.09 02:14:12 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.01.07 23:48:33 | 939,587,517 | ---- | M] () -- C:\Users\Administráto\Desktop\warrior.avi
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.02.05 01:07:10 | 000,304,540 | ---- | C] () -- C:\Users\Administráto\Desktop\Bez názvu.png
[2013.02.05 00:56:30 | 000,113,694 | ---- | C] () -- C:\Users\Administráto\Documents\cc_20130205_005626.reg
[2013.02.04 21:56:58 | 000,036,855 | ---- | C] () -- C:\Users\Administráto\Desktop\Teddy-Bear-2012.srt
[2013.02.04 20:51:59 | 734,433,280 | ---- | C] () -- C:\Users\Administráto\Desktop\Teddy-Bear-2012.avi
[2013.02.03 20:45:29 | 000,582,093 | ---- | C] () -- C:\Users\Administráto\Desktop\adwcleaner.exe
[2013.02.03 20:38:31 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.31 04:08:08 | 000,141,233 | ---- | C] () -- C:\Users\Administráto\Documents\pinfect.zip
[2013.01.30 23:18:13 | 000,001,113 | ---- | C] () -- C:\Users\Administráto\Desktop\EVEREST Home Edition.lnk
[2013.01.30 16:44:17 | 000,001,969 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.01.30 16:43:58 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013.01.30 14:02:09 | 000,000,242 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013.01.29 23:20:45 | 000,000,054 | ---- | C] () -- C:\Windows\Lic.xxx
[2013.01.29 23:16:11 | 068,866,904 | ---- | C] () -- C:\Users\Administráto\Desktop\mwav.exe
[2013.01.29 21:07:05 | 000,000,000 | -H-- | C] () -- C:\Users\Administráto\AppData\Roaming\winsvcns.sys
[2013.01.20 19:00:40 | 000,228,528 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik_nd.dat
[2013.01.20 19:00:39 | 003,093,792 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013.01.20 19:00:39 | 000,228,528 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik.dat
[2013.01.20 19:00:39 | 000,076,660 | ---- | C] () -- C:\Windows\SysNative\ativce02.dat
[2013.01.20 19:00:38 | 003,061,872 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013.01.20 19:00:37 | 000,042,719 | ---- | C] () -- C:\Windows\atiogl.xml
[2013.01.20 19:00:36 | 000,662,786 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2013.01.20 19:00:34 | 000,327,960 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013.01.20 19:00:34 | 000,327,960 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013.01.07 22:07:03 | 939,587,517 | ---- | C] () -- C:\Users\Administráto\Desktop\warrior.avi
[2012.06.21 09:37:14 | 003,166,792 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.05.02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.04.06 02:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.04.06 02:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.12.25 23:18:27 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.12.23 19:58:28 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.11.23 17:38:28 | 046,593,024 | ---- | C] () -- C:\Users\Administráto\AppData\Roaming\ACRPR.exe
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.04.27 13:19:30 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.04.27 13:19:30 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.04.27 13:19:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.04.27 13:19:30 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.01.15 18:24:51 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.12.15 22:22:57 | 000,015,872 | ---- | C] () -- C:\Users\Administráto\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2010.09.28 20:54:36 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\avidemux
[2010.02.19 14:22:13 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\DAEMON Tools Lite
[2013.01.30 22:57:16 | 000,000,000 | -HSD | M] -- C:\Users\Administráto\AppData\Roaming\EF0057
[2010.03.25 06:15:24 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\EPSON
[2010.06.28 18:56:52 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\FMA
[2010.08.24 14:19:43 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\FreeMediaCatcher
[2010.05.21 20:15:14 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\GlarySoft
[2010.12.15 22:22:53 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\HighAndes
[2012.12.01 01:18:10 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\ICQ
[2011.01.21 22:14:15 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\JetBrains
[2010.10.30 09:59:01 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Leadertech
[2010.05.19 17:17:57 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Nokia
[2012.01.30 11:38:39 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\ObjectivePET
[2010.05.17 20:49:10 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\OCS
[2010.05.17 20:49:12 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Opera
[2012.12.01 02:03:56 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Origin
[2010.02.21 00:09:09 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Panasonic
[2010.05.19 17:17:55 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\PC Suite
[2011.06.17 21:35:03 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\PhotoFiltre
[2011.07.06 21:21:15 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Rovio
[2012.04.03 19:42:57 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Samsung
[2010.05.16 22:03:41 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\SanDisk
[2010.08.24 14:11:49 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\SuperMP3Download
[2012.04.04 16:54:25 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Temp
[2010.03.09 15:18:15 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Thinstall
[2012.11.07 02:54:42 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Ubisoft
[2012.07.03 17:05:42 | 000,000,000 | -HSD | M] -- C:\Users\Administráto\AppData\Roaming\wyUpdate AU
[2010.09.28 20:49:22 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\XMedia Recode
[2011.12.24 19:41:42 | 000,000,000 | ---D | M] -- C:\Users\Administráto\AppData\Roaming\Zoner

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2010.03.09 16:39:20 | 000,000,000 | ---D | M](C:\Users\Administráto\??? ?????????) -- C:\Users\Administráto\Мои документы
[2010.03.09 16:39:20 | 000,000,000 | ---D | M](C:\Users\Administráto\??? ?????????) -- C:\Users\Administráto\Мои документы
(C:\Users\Administráto\??? ?????????) -- C:\Users\Administráto\Мои документы

< End of report >

[misananuk]

OTL Extras logfile created on: 5.2.2013 1:09:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Administráto\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,99 Gb Total Physical Memory | 2,04 Gb Available Physical Memory | 51,06% Memory free
7,98 Gb Paging File | 5,68 Gb Available in Paging File | 71,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596,17 Gb Total Space | 18,26 Gb Free Space | 3,06% Space Free | Partition Type: NTFS

Computer Name: MICHAL | User Name: Administráto | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Play_with_TriDef_Media_Player] -- "C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" "%1" (DDD Group Plc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Play_with_TriDef_Media_Player] -- "C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" "%1" (DDD Group Plc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" = C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe:*:Enabled:TriDef 3D Media Player -- (DDD Group Plc.)
"C:\Users\Administráto\6438640620394286720310355\winsvc.exe" = C:\Users\Administráto\6438640620394286720310355\winsvc.exe:*:Enabled:Microsoft Windows Service
"C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" = C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe:*:Enabled:TriDef 3D Media Player -- (DDD Group Plc.)
"C:\Users\Administráto\6438640620394286720310355\winsvc.exe" = C:\Users\Administráto\6438640620394286720310355\winsvc.exe:*:Enabled:Microsoft Windows Service


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3FBAC418-D9B6-499F-8366-367ED019F3C3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{75D9EE67-89F2-4B06-A544-E658816F1DA1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{828D121B-44B5-442C-854B-40F12DF2514C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{8B989B6D-D770-4224-A778-07FA38A1880A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A2D4A7DF-009F-40CE-BF67-5E33D7D51958}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{AEF479D2-DB62-43C1-9156-2066FE77C583}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C8BE77E4-A3C3-4DEB-9A58-30A31C410211}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E6357B11-1D7F-4FF6-B084-00DCE539341B}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03767FC7-DB0C-4E8D-A921-38FD80FE48D5}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{08670D81-F217-4786-8558-7F55D1663AE5}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\studio.exe |
"{09B2120D-6DFC-42F2-B477-A852829A406A}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\studio.exe |
"{11127688-EB04-4129-9D04-0FB94FB31F66}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{15727BBD-21FE-43D8-8F77-18A739B9F3EC}" = protocol=6 | dir=in | app=c:\program files\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe |
"{15C53364-E466-4CFC-8231-A260BF30C561}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{178A925D-F7D9-4020-8B5D-3032C5405451}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{182EE8CB-2653-4A83-A715-BDECE3872330}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{1A6AF720-2C0C-4E13-9788-56DAFC361C03}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{1F51B817-4FAF-4AF4-8983-C8859AB608A2}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{218CC52B-189B-40AB-991A-EE4D99972421}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{2693C419-A0E4-48A5-92E5-59CB74F9946F}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{27F76D32-8D19-446E-B6AB-063CC49F3A55}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2BE3D9DD-4CA7-481E-8A4F-A39AF6451C74}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\eflc\launcheflc.exe |
"{2EF88AE7-CC5F-4C9B-AFD0-93249AF4FE44}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{37FA5FD8-22DA-4D53-8706-13185712300A}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{4193A559-BAA3-4295-8505-42280EA7F1AC}" = dir=in | app=c:\program files (x86)\common files\microsoft shared\xna\xnatrans\v3.0\xnatransx.exe |
"{456D6C0B-8956-483B-A4D8-23B28068E2F8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dirt 2\dirt2.exe |
"{48FEA599-461E-4D62-AE49-9A5E859709A5}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{49F3BB50-B470-4003-B2CC-C792A50C652B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{549DE508-A15F-486D-841C-9AF27D6335D0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{58157B3F-A4F0-4AFC-B01D-39F98C5C3925}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\eflc\launcheflc.exe |
"{64AD7B41-AC12-4B8B-843C-D3E6A51E31DE}" = dir=in | app=c:\program files (x86)\microsoft xna\xna game studio\v4.0\bin\xnaliveproxy.exe |
"{67D5F3C0-8035-4A47-AA09-C494A5F1E2FA}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\umi.exe |
"{69408DE8-2EEB-4B80-AD44-E75B4F56C02C}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{72F2604B-D941-4A9F-BD3D-AE555DD764E3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7C4B3F4D-61B7-4CF2-9DD5-584DE51DAEC8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dirt 2\dirt2.exe |
"{82FFC0FB-C2C8-44DC-AEA8-3636D9BAE9B8}" = protocol=17 | dir=in | app=c:\program files\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe |
"{85AD8CFD-286A-475A-A6D1-D96542B63BE7}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{8B354338-7DFD-4BFE-88BD-F3EA7940C017}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{8B6BAF99-25C2-409B-94CD-1C4F8FCE9842}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{8B918109-D6C4-4F4E-B0C5-8C5A8A4A9474}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{8D4D4784-44F9-4748-AC19-F39D8CD62A15}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{8E4337D5-C9B6-4803-BB68-42184561B243}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{914F92A3-693C-4454-8CA2-05730E3D17A3}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{A11DE13E-4B9A-470A-978B-229401695C25}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{A4D2C959-992A-4316-BA9A-C9A911CCAA5D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A5D15CBC-746E-4611-9D09-F347B2FD0C62}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{A6563C07-9257-4525-A0D6-152AC472BA90}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AADCD551-1F9D-498F-A840-8BC48D18BBB3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{AC17D778-5BE0-42A8-A55A-6A63A4B62C1C}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{AE82ED0F-0178-4C3F-9F37-48C756679AF4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{AF06CC19-5438-4DF8-B851-207DE42DCA9F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd8\powerdvd8.exe |
"{B5BE5B18-1BBC-407C-BAC3-57F6E2AED0DB}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{B7BA6CF6-3108-431B-B92A-4558EC257C27}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{B9759B71-B66D-42D0-B34D-AEF31AA6636A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C4D25E9C-C546-440D-B85F-BF639F618CAD}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\rm.exe |
"{CAD83F8A-2A91-4400-85D5-456160A82318}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{CB4B447D-BE48-4FFD-A555-C6569C763BAE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CC0C1323-DD86-4FB7-B1D5-B15C3B00A88C}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{CD032B44-A9F1-4F3B-9624-3AC95BDD7517}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{D743265A-70B3-47E6-8927-19A14B8C78BC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{E4974377-1518-4EE7-87D2-11B1A28AF8C4}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{E5F3F8EC-1D7C-4315-A581-4FF1B506CF4B}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{E6D1A12C-C4F7-429B-BE07-90B7C68DEA6E}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\rm.exe |
"{ECFF4F9A-8167-404C-BA4E-10F343B5838E}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\umi.exe |
"{ED4AA7C6-6ED1-4905-86A6-CCC4ADB20753}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{FBF912B2-B2A1-4280-8E00-145211953973}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{FD2991C1-A4E9-40D2-AA4A-6F4FDC9C55F1}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"TCP Query User{051ED6A9-4211-4156-AB26-12044C56DA5B}C:\program files (x86)\rockstar games\eflc\eflc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\eflc\eflc.exe |
"TCP Query User{0ACA40DF-7F60-445E-B866-740F6D558949}C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe |
"TCP Query User{0FC6E886-0F71-44C4-83A6-AFC07EE04DF5}C:\program files (x86)\microsoft visual studio 10.0\common7\ide\devenv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 10.0\common7\ide\devenv.exe |
"TCP Query User{1BA6C15B-C61D-476E-B7C6-728BAB9D9082}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{233485D2-44C4-4313-AB34-A96E18567186}C:\users\administráto\desktop\a2oa_patch_152 + crack\arma2oaserver.exe" = protocol=6 | dir=in | app=c:\users\administráto\desktop\a2oa_patch_152 + crack\arma2oaserver.exe |
"TCP Query User{28765704-910E-4C21-9A02-8655299685BC}C:\users\administráto\desktop\assassins creed 2 crack\emulator ac2\server.exe" = protocol=6 | dir=in | app=c:\users\administráto\desktop\assassins creed 2 crack\emulator ac2\server.exe |
"TCP Query User{2CFC16FA-D3EA-444B-898E-87AEE8FCF13A}C:\users\administráto\desktop\gta iv lsc\grand theft auto iv episodes from liberty city\eflc\eflc.exe" = protocol=6 | dir=in | app=c:\users\administráto\desktop\gta iv lsc\grand theft auto iv episodes from liberty city\eflc\eflc.exe |
"TCP Query User{2F0B986F-4EB3-4E74-9592-A6B751FB4269}C:\users\administráto\desktop\htaivflc\gta iv episodes from liberty city\eflc\eflc.exe" = protocol=6 | dir=in | app=c:\users\administráto\desktop\htaivflc\gta iv episodes from liberty city\eflc\eflc.exe |
"TCP Query User{37CD5CFD-925F-41C2-BF74-7CD5D87AF485}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{467E4F4A-FA34-4F5E-A504-89A9AF0D99C9}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe |
"TCP Query User{47CC2200-3205-4774-A554-212726AC768D}C:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe |
"TCP Query User{794D58A4-4B26-4DAC-8BFC-1F7C5B27C9B1}C:\program files (x86)\assassin's creed revelations\acrsp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\assassin's creed revelations\acrsp.exe |
"TCP Query User{87388835-64C1-47D2-9389-87220407A0D5}C:\windows\syswow64\svchost.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\svchost.exe |
"TCP Query User{8BC5BF2B-B905-43C8-B941-DB2BC75E0052}C:\program files (x86)\ea sports\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea sports\fifa 11\game\fifa.exe |
"TCP Query User{9390E2B3-21BF-494A-ABBB-DD7BA4121EDC}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe |
"TCP Query User{9551C676-0BBF-48FD-86E8-16EA84EB6695}C:\hry\assassins creed iii\ac3sp.exe" = protocol=6 | dir=in | app=c:\hry\assassins creed iii\ac3sp.exe |
"TCP Query User{9D3C6786-8528-466B-823D-78682A1FACB7}C:\users\administráto\desktop\nová složka (9)\operausb1060\opera.exe" = protocol=6 | dir=in | app=c:\users\administráto\desktop\nová složka (9)\operausb1060\opera.exe |
"TCP Query User{C7CF224E-EB81-4268-AD1C-E211011FD9F5}C:\fifa\fifa 13\game\fifa13.exe" = protocol=6 | dir=in | app=c:\fifa\fifa 13\game\fifa13.exe |
"TCP Query User{DF2C17F6-E2B0-48BA-95C5-F75CE779EB7A}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"TCP Query User{E8F91158-C6D9-4DFE-B011-96692935097B}C:\hry\fifa 13\game\fifa13.exe" = protocol=6 | dir=in | app=c:\hry\fifa 13\game\fifa13.exe |
"UDP Query User{083D76E9-3763-4AB2-B225-AACAF9B9474C}C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe |
"UDP Query User{10CA9402-9DA0-4B0F-890C-C4DB428895D5}C:\windows\syswow64\svchost.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\svchost.exe |
"UDP Query User{15D9C92A-18BC-4C3B-8690-E79F58C98267}C:\hry\fifa 13\game\fifa13.exe" = protocol=17 | dir=in | app=c:\hry\fifa 13\game\fifa13.exe |
"UDP Query User{1FE04F04-E806-4C6D-9B7D-636AE5E6F6F1}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe |
"UDP Query User{2C869FC8-907F-4B22-8D28-3C3317E3D760}C:\users\administráto\desktop\a2oa_patch_152 + crack\arma2oaserver.exe" = protocol=17 | dir=in | app=c:\users\administráto\desktop\a2oa_patch_152 + crack\arma2oaserver.exe |
"UDP Query User{45E51EAA-971A-4FC9-9D0B-D3BA03A7E33D}C:\program files (x86)\rockstar games\eflc\eflc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\eflc\eflc.exe |
"UDP Query User{4BFFA9CA-76BB-4113-87E9-E4D40D19076A}C:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe |
"UDP Query User{5BCDBCE2-845B-422A-A603-EAB034DBBF4E}C:\fifa\fifa 13\game\fifa13.exe" = protocol=17 | dir=in | app=c:\fifa\fifa 13\game\fifa13.exe |
"UDP Query User{6049ED3F-B196-47FA-A842-DD2BF6E6017D}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe |
"UDP Query User{760C9544-30F0-4FB8-A79C-DE78DA2BE737}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{7859B87B-62B4-416F-9D72-471D1D8CFEA1}C:\program files (x86)\ea sports\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea sports\fifa 11\game\fifa.exe |
"UDP Query User{7E18590A-FA1E-416F-85DC-A5719F0AECA7}C:\hry\assassins creed iii\ac3sp.exe" = protocol=17 | dir=in | app=c:\hry\assassins creed iii\ac3sp.exe |
"UDP Query User{A1D0A3D1-CC8D-4DCA-B532-62A35A6CE519}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{BFF6565F-A302-4DD6-9E96-DE4C2C3CAE08}C:\program files (x86)\microsoft visual studio 10.0\common7\ide\devenv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft visual studio 10.0\common7\ide\devenv.exe |
"UDP Query User{C000544A-B79D-4B97-9362-CEA73F8AA1F5}C:\users\administráto\desktop\gta iv lsc\grand theft auto iv episodes from liberty city\eflc\eflc.exe" = protocol=17 | dir=in | app=c:\users\administráto\desktop\gta iv lsc\grand theft auto iv episodes from liberty city\eflc\eflc.exe |
"UDP Query User{C9F8E0C1-AE83-451E-96C5-68E11B15B0E3}C:\users\administráto\desktop\nová složka (9)\operausb1060\opera.exe" = protocol=17 | dir=in | app=c:\users\administráto\desktop\nová složka (9)\operausb1060\opera.exe |
"UDP Query User{D570DAFB-69A2-43AB-80B2-156A0F0815B0}C:\users\administráto\desktop\assassins creed 2 crack\emulator ac2\server.exe" = protocol=17 | dir=in | app=c:\users\administráto\desktop\assassins creed 2 crack\emulator ac2\server.exe |
"UDP Query User{E60D769C-3B27-48DD-9510-6DE1E3FA6D8E}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{F5C621DF-EAE6-4B40-B485-03B438DC8846}C:\users\administráto\desktop\htaivflc\gta iv episodes from liberty city\eflc\eflc.exe" = protocol=17 | dir=in | app=c:\users\administráto\desktop\htaivflc\gta iv episodes from liberty city\eflc\eflc.exe |
"UDP Query User{FC96C33D-3BFE-42BF-8DDC-6477A6758100}C:\program files (x86)\assassin's creed revelations\acrsp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\assassin's creed revelations\acrsp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E6ED082-E32D-4B2B-8B6A-70B094815135}" = Microsoft SQL Server System CLR Types (x64)
"{20384EBF-4F10-13F0-07C6-7A6C87FD83DF}" = AMD Catalyst Install Manager
"{2D8D14CC-5B31-44B9-87FC-BEC3D8AFFD1D}" = SolidWorks Explorer 2010 SP0 x64 Edition
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3ABFAF33-D6EE-9348-CE96-AF51E9D6D2FF}" = AMD Drag and Drop Transcoding
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{477D05CA-C151-9CF5-22A1-9DF6DF543CD4}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C3EA13F-25B4-3E3C-AFCE-7A831F6F6F15}" = Microsoft Help Viewer 1.0 Language Pack - CSY
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{542DDF04-9F91-4F36-B2F4-2638B788A4C8}" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{69ADE77E-8D0F-4FD9-8F4A-37BA2CCC011E}" = CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{701D8EE6-6A5A-4509-9740-35F551193CE0}" = Windows Live Family Safety
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{81455DEB-FC7E-3EE5-85CA-2EBDD9FD61EB}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{C1ACBDBF-6F86-185A-E158-AB07893968FC}" = AMD Accelerated Video Transcoding
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D61EB116-6878-9676-F28F-54F6B647023C}" = ccc-utility64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{E9173A5F-22A6-4152-848E-45851DB99162}" = SolidWorks 2010 x64 Edition SP0
"{EAEBF166-B06A-4D7F-BAF7-6615303D5C7C}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 4.1)
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.3)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0 Language Pack - CSY" = Microsoft Help Viewer 1.0 Language Pack - CSY
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"SearchAnonymizer" = SearchAnonymizer

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{65094424-9351-40B8-939B-3676D67E48E0}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{009B1E9D-38AB-8B9E-DB07-8318DAAE1941}" = CCC Help Greek
"{01C79EF3-DE84-4B56-B638-8BEA0D507506}" = Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"{022BC727-ACB7-4C1D-109C-177515714A32}" = Catalyst Control Center
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05855322-BE43-41FE-B583-D3AE0C326D58}" = Microsoft Silverlight 4 SDK
"{05D18A0F-ED9D-4FBD-9BF5-AF632EB09CB3}" = CGS15_IPM_T2
"{0666E46E-A860-4353-BE6D-13AA72FABB57}" = Microsoft XNA Game Studio Platform Tools
"{07E46A4A-F2BA-FE48-9464-E11250502C6A}" = CCC Help Swedish
"{07E5C16F-9194-E31B-BB6C-C3E8FBD79C30}" = CCC Help English
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08C84CC6-E7FD-4B2D-BBF9-B02CC90EE031}" = Microsoft XNA Game Studio 4.0 (Shared Components)
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{09C52940-A4D1-4409-A7CC-1AAE630CF578}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{0F2CF890-D101-6CFA-8D99-0CFBF7EF4AD0}" = CCC Help Chinese Standard
"{10CFB5DF-985A-8320-B4D8-461CC1F83CBF}" = CCC Help Japanese
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{16C07050-3D4A-428E-A6C1-AF6E0CAD782F}" = Splash Lite
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{1959101B-E34C-4266-8915-20F23B5BCF43}" = SolidWorks eDrawings 2010
"{1AA5BD63-6614-44B2-88A7-605191EDB835}" = Dotfuscator Software Services - Community Edition
"{1E86F8AC-66B2-4B50-BEDA-3B172D54E3B2}" = JetBrains ReSharper 5.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22D071EF-A06A-6341-DFDA-FE448659A63C}" = CCC Help Portuguese
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = LG CyberLink PowerDVD
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F}" = LUMIX Simple Viewer
"{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}" = Zoner GIF Animator 5
"{2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x86
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{30909F74-4B46-2842-DECF-1C66F355338C}" = CCC Help Turkish
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{356658C7-8C60-4A43-AF50-75CA8E642934}" = CorelDRAW Graphics Suite X5 - CZ
"{365E16A2-FE3B-EA13-4EE0-88D570F82497}" = CCC Help Korean
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{3D8AB6C1-3932-F551-2AF0-ED0612AD4B26}" = CCC Help Dutch
"{3F4EB5FE-B5BE-4069-A5A8-6D9262E1B379}" = Microsoft XNA Game Studio 4.0 Documentation
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{40AD5E62-A31A-C414-01BA-310100577C7E}" = CCC Help Chinese Traditional
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = EPSON Event Manager
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4F62B1AE-E778-49E2-9C57-C1C65A122098}" = Zoner Callisto 5
"{4F9E0D27-5525-E8C8-43D0-BA15C1A22E03}" = CCC Help Czech
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{542DB1C6-07D3-3425-9746-6626AD40CA3E}" = Microsoft Visual Studio 2010 Professional - CSY Language Pack
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{56DCD20A-E558-4396-AF59-14D15AA737BB}" = DWGeditor
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{647E62F0-F1BC-E0C3-EDF5-67716EE75014}" = CCC Help Hungarian
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65094424-9351-40B8-939B-3676D67E48E0}" = Corel Graphics - Windows Shell Extension
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{667DB2C0-AF52-021A-7CF6-DA8DD27AC215}" = CCC Help Italian
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{68BD57D3-D606-411E-A7E0-3EB6EA5660F6}" = Microsoft XNA Game Studio 4.0 (Redists)
"{6A4C6C0F-8791-B753-742E-06C40A6E023C}" = CCC Help Polish
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736D2DAD-3D87-4CAA-8646-83D238AD68E0}" = PhotoView 360
"{73BE04D9-BA0E-4BAF-9C9D-677278BDB3DC}" = Microsoft XNA Game Studio 4.0 (ARP entry)
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{772A02BE-9130-4049-96C2-454F358B2A32}" = Miro Video Converter
"{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}" = Microsoft SQL Server 2008 R2 Management Objects
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79C61902-F44E-4190-A2B9-9B467B0380CE}" = CCC Help French
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A56D81D-6406-40E7-9184-8AC1769C4D69}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{85467CBC-7A39-33C9-8940-D72D9269B84F}" = Microsoft Visual F# 2.0 Runtime
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{877B76B2-F83F-4F5A-B28D-3F398641ADB6}" = Microsoft SQL Server System CLR Types
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{8C496FBF-DB4A-468D-A3A1-15E127382218}" = Microsoft XNA Game Studio 4.0 (Visual Studio)
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9029363A-8173-435A-9C7C-94AE7E4945D8}_is1" = floAt's Mobile Agent 2
"{91A3CEFE-A2C1-3E83-3789-F2BF8EC82106}" = CCC Help Thai
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96CAEB1D-7BFB-2A98-EBB2-414C894F694F}" = CCC Help Danish
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CCC78EF-027E-40E0-9B61-39932C65E3FE}" = Acronis Disk Director Home
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A664A708-E454-4416-7D19-D0F10879522C}" = CCC Help German
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABBA0799-F982-414C-9A8B-17EB03D39677}" = trakAxPC
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3 - Czech
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{BA3B34EB-3F4B-0E19-0916-971C1AD3F0AD}" = Catalyst Control Center InstallProxy
"{BC537AE0-88AF-47ED-B762-33B0D62B5188}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.26 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{D67D7F19-1463-446A-9EA7-7BEBFFDB89CC}" = COMODO System - Cleaner
"{D6B15AE6-B052-363E-B6BB-C4714CBA6509}" = Microsoft Visual Studio 2010 Professional - ENU
"{D6F46E2D-4FE2-5FAB-5C30-230E99563DEE}" = Catalyst Control Center InstallProxy
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D9DA23F5-CE0B-EE04-B498-7EC8AFC9F232}" = CCC Help Finnish
"{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}" = WCF RIA Services V1.0 SP1
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF5182CB-192B-A6C8-9707-D7214557691C}" = CCC Help Norwegian
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E570CB6B-1CBC-4ADD-969F-7B3338A6BDB6}" = Windows Live Sync
"{E6757654-CE6A-0D0B-BBE6-F6247F05B7CD}" = Catalyst Control Center Localization All

[misananuk]

"{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager
"{E8759AD8-3A58-77F1-D16D-F3C8F9E98722}" = Catalyst Control Center Graphics Previews Common
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1C39CBE-4521-BEC8-5238-4A8B55FEB6B7}" = CCC Help Russian
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F5C372A1-40F3-49DA-A049-F75CDE9177DC}" = Pinnacle Studio Ultimate Collection Plugins
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBFA39D2-C55A-56DC-7EBB-767FC31B04A3}" = CCC Help Spanish
"{FC053571-8507-44E4-8B6D-AACEAB8CA57C}" = Sansa Media Converter
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Absolute Uninstaller_is1" = Absolute Uninstaller 1.51
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Čeština do Hide IP Platinum 3.21" = Čeština do Hide IP Platinum 3.21
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"experience-lge-mon-lite-bundle" = TriDef 3D Games (LG 3D Monitor/TV) 1.7.1
"Google Chrome" = Google Chrome
"Hide IP Platinum_is1" = Hide IP Platinum 3.21
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = LG CyberLink PowerDVD
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"Kalender" = TKexe Kalender
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.3.0
"Knoll Light Factory EZ Studio" = Knoll Light Factory EZ Studio
"Magic Bullet Looks Studio" = Magic Bullet Looks Studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.70.0.1100
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"Microsoft Visual Studio 2010 Professional - CSY Language Pack" = Microsoft Visual Studio 2010 Professional - CSY
"Microsoft Visual Studio 2010 Professional - ENU" = Microsoft Visual Studio 2010 Professional - ENU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Mozilla Firefox 18.0.1 (x86 cs)" = Mozilla Firefox 18.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia PC Suite" = Nokia PC Suite
"OpenAL" = OpenAL
"PDFTools_is1" = PDFTools Version 1.2 (09/28/2006)
"PerfV350 Uživatelská příručka" = PerfV350 Uživatelská příručka
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"Red Giant ToonIt Studio" = Red Giant ToonIt Studio
"Rockstar Games Social Club" = Rockstar Games Social Club
"SolidWorks Installation Manager 20100-40000-1100-100" = SolidWorks 2010 x64 Edition SP0
"Some PDF Image Extract_is1" = Some PDF Image Extractr 1.0
"Texas Holdem Poker 3D Deluxe Edition DeLEGiON_is1" = Texas Holdem Poker 3D Deluxe Edition v1 0 DeLEGiON
"The KMPlayer" = The KMPlayer (remove only)
"Total Uninstall 5_is1" = Total Uninstall 5.8.0
"Trapcode 3DStroke Studio" = Trapcode 3DStroke Studio
"Trapcode Particular Studio" = Trapcode Particular Studio
"Trapcode Shine Studio" = Trapcode Shine Studio
"Unlocker" = Unlocker 1.8.9
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR
"XNA Game Studio 4.0" = Microsoft XNA Game Studio 4.0
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"PhotoFiltre" = PhotoFiltre
"Sansa Updater" = Sansa Updater

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2.2.2013 13:37:01 | Computer Name = Michal | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\mmsBundle.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 3.2.2013 16:48:29 | Computer Name = Michal | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\systeminfo.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 3.2.2013 16:50:16 | Computer Name = Michal | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\RecoveryExpert.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 3.2.2013 16:50:45 | Computer Name = Michal | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\ManagementConsole.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 3.2.2013 16:51:09 | Computer Name = Michal | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\mmsBundle.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 3.2.2013 19:30:39 | Computer Name = Michal | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\systeminfo.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 3.2.2013 19:32:31 | Computer Name = Michal | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\RecoveryExpert.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 3.2.2013 19:33:02 | Computer Name = Michal | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\ManagementConsole.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 3.2.2013 19:33:27 | Computer Name = Michal | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\mmsBundle.dll
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 4.2.2013 10:27:03 | Computer Name = Michal | Source = Application Error | ID = 1000
Description = Název chybující aplikace: pev.3XE, verze: 0.0.0.0, časové razítko:
0x4e06cfe8 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x006e0069 ID chybujícího procesu: 0x14b4 Čas spuštění
chybující aplikace: 0x01ce02e3956448b6 Cesta k chybující aplikaci: C:\ComboFix\pev.3XE
Cesta
k chybujícímu modulu: unknown ID zprávy: f12d755e-6ed6-11e2-93aa-90e6ba175d9a

[ OSession Events ]
Error - 24.11.2011 18:00:59 | Computer Name = Michal | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 11
seconds with 0 seconds of active time. This session ended with a crash.

Error - 24.11.2011 18:01:12 | Computer Name = Michal | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.

Error - 24.4.2012 2:52:33 | Computer Name = Michal | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

Error - 24.4.2012 2:54:27 | Computer Name = Michal | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.

Error - 24.4.2012 2:55:36 | Computer Name = Michal | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.

Error - 24.4.2012 4:20:28 | Computer Name = Michal | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

Error - 24.4.2012 4:21:13 | Computer Name = Michal | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

Error - 24.4.2012 4:21:29 | Computer Name = Michal | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

Error - 24.4.2012 4:22:39 | Computer Name = Michal | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12.5.2012 18:58:59 | Computer Name = Michal | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 4.2.2013 20:03:12 | Computer Name = Michal | Source = Service Control Manager | ID = 7001
Description = Služba Server závisí na službě Správce zabezpečení účtů, která neuspěla
při spuštění v důsledku následující chyby: %%1058

Error - 4.2.2013 20:03:12 | Computer Name = Michal | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 4.2.2013 20:03:12 | Computer Name = Michal | Source = Service Control Manager | ID = 7001
Description = Služba Server závisí na službě Správce zabezpečení účtů, která neuspěla
při spuštění v důsledku následující chyby: %%1058

Error - 4.2.2013 20:03:12 | Computer Name = Michal | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 4.2.2013 20:03:13 | Computer Name = Michal | Source = Service Control Manager | ID = 7001
Description = Služba Server závisí na službě Správce zabezpečení účtů, která neuspěla
při spuštění v důsledku následující chyby: %%1058

Error - 4.2.2013 20:03:13 | Computer Name = Michal | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 4.2.2013 20:03:17 | Computer Name = Michal | Source = Service Control Manager | ID = 7001
Description = Služba Server závisí na službě Správce zabezpečení účtů, která neuspěla
při spuštění v důsledku následující chyby: %%1058

Error - 4.2.2013 20:03:17 | Computer Name = Michal | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 4.2.2013 20:03:17 | Computer Name = Michal | Source = Service Control Manager | ID = 7001
Description = Služba Server závisí na službě Správce zabezpečení účtů, která neuspěla
při spuštění v důsledku následující chyby: %%1058

Error - 4.2.2013 20:03:17 | Computer Name = Michal | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068


< End of report >

[jaro3]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe ()
SRV - (vToolbarUpdater14.0.1) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe ()
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{03690688-6C31-4589-9F85-1BD1C81B5BFD}: "URL" = http://www.otto.de.anonymize-me.de/?to= ... 2E6465&st={searchTerms}&clid=46b58d7a-ccaa-4c95-b743-366e7dd7eb45&pid=murb&mode=bounce
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com.anonymize-me.de/?an ... 535243&st={searchTerms}&clid=46b58d7a-ccaa-4c95-b743-366e7dd7eb45&pid=murb
IE - HKCU\..\SearchScopes\{40FE215A-9A3F-45BB-81E1-F72628458466}: "URL" = http://search.ebay.de.anonymize-me.de/? ... 2E6465&st={searchTerms}&clid=46b58d7a-ccaa-4c95-b743-366e7dd7eb45&pid=murb&mode=bounce
IE - HKCU\..\SearchScopes\{54205BBD-76EF-40BE-AF0E-D18CC1DF84C1}: "URL" = http://de.wikipedia.org.anonymize-me.de ... 6F7267&st={searchTerms}&clid=46b58d7a-ccaa-4c95-b743-366e7dd7eb45&pid=murb&mode=bounce
IE - HKCU\..\SearchScopes\{61B2CFE5-490B-459B-BF58-DA1061FC2BE0}: "URL" = http://www.myvideo.de.anonymize-me.de/? ... 2E6465&st={searchTerms}&clid=46b58d7a-ccaa-4c95-b743-366e7dd7eb45&pid=murb&mode=bounce
IE - HKCU\..\SearchScopes\{8A33FBA4-AEA4-4BE4-BB28-45067476AC7F}: "URL" = http://www.amazon.de.anonymize-me.de/?t ... 2E6465&st={searchTerms}&clid=46b58d7a-ccaa-4c95-b743-366e7dd7eb45&pid=murb&mode=bounce
IE - HKCU\..\SearchScopes\{9BE64C59-6591-49D8-936A-B07089FF9838}: "URL" = http://www.webhledani.cz/results.aspx?i=39&tp=ie&q={searchTerms}
IE - HKCU\..\SearchScopes\{A859E91E-C967-458F-BFC0-636704F157C8}: "URL" = http://www.pricerunner.de.anonymize-me. ... 2E6465&st={searchTerms}&clid=46b58d7a-ccaa-4c95-b743-366e7dd7eb45&pid=murb&mode=bounce
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found
[2010.02.18 18:28:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administráto\AppData\Roaming\mozilla\Extensions
[2010.02.18 18:28:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administráto\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Privacy present
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
[2013.01.10 01:33:09 | 000,735,010 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.01.10 01:33:09 | 000,720,404 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.10 01:33:09 | 000,165,732 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.01.10 01:33:09 | 000,146,366 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Qoobox
C:\Windows\SysWow64\cis-2.4.dll
C:\Windows\SysWow64\issacapi_bs-2.3.dll
C:\Windows\SysWow64\issacapi_pe-2.3.dll
C:\Windows\SysWow64\issacapi_se-2.3.dll
C:\ProgramData\KGyGaAvL.sys
C:\Users\Administráto\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Aktualizuj javu:
Java SE Runtime Environment 7

Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-7-windows-i586-p.exe nebo
jre-7-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.

C:\Users\Administráto\??? ?????????) -- C:\Users\Administráto\Мои документы
C:\Users\Administráto\??? ?????????) -- C:\Users\Administráto\Мои документы
C:\Users\Administráto\Мои документы
znáš to???

Drive C: | 596,17 Gb Total Space | 18,26 Gb Free Space | 3,06% Space Free | Partition Type: NTFS
totální nedostatek voplného místa , pro spávný chod windows potřebuješ neméně 15% , něco odinstaluj , nebo smaž!