Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Trojan:Win32/Dynamer


  • Please log in to reply

#1
pachta

pachta

    New Member

  • Member
  • Pip
  • 2 posts
OTL logfile created on: 24.11.2010 0:31:01 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = D:\_Jakub Plocha
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

8,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 56,00% Memory free
16,00 Gb Paging File | 12,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 99,14 Gb Total Space | 21,48 Gb Free Space | 21,66% Space Free | Partition Type: NTFS
Drive D: | 497,03 Gb Total Space | 11,80 Gb Free Space | 2,37% Space Free | Partition Type: NTFS
Drive Z: | 1863,01 Gb Total Space | 1003,58 Gb Free Space | 53,87% Space Free | Partition Type: NTFS

Computer Name: KUBAJS-PC | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - D:\_Jakub Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Opera\opera.exe (Opera Software)
PRC - C:\Program Files (x86)\TweakNow PowerPack 2010\CDAuto.exe ()
PRC - C:\Program Files\Total Commander7\TOTALCMD.EXE (Ghisler Software GmbH)
PRC - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PcSync2.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - C:\Windows\Downloaded Program Files\LMIGuardian.exe (LogMeIn, Inc.)
PRC - C:\Users\Administrator\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Program Files (x86)\Gladinet\Gladinet Cloud Desktop\GladFileMonSvc.exe (Gladinet, INC)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe (Kerio Technologies Inc.)
PRC - C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe (Kerio Technologies Inc.)
PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
PRC - C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe ()
PRC - C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe ()
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe ()
PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ()
PRC - C:\Program Files\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe ()
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files (x86)\GIGABYTE\Gamer HUD\HUD.exe ()
PRC - C:\Program Files (x86)\Common Files\Nokia\MPAPI\MPAPI3s.exe (Nokia Corporation)
PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe (Adobe Systems Incorporated)
PRC - C:\Windows\vsnpstd3.exe ()


========== Modules (SafeList) ==========

MOD - D:\_Jakub Plocha\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (VMware NAT Service) -- C:\Windows\SysNative\vmnat.exe File not found
SRV:64bit: - (VMnetDHCP) -- C:\Windows\SysNative\vmnetdhcp.exe File not found
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (MatSvc) -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe (Microsoft Corporation)
SRV:64bit: - (WinVNC4) -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (Diskeeper) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Live Mesh\Remote Desktop\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (mi-raysat_3dsmax2010_64) -- C:\Program Files\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe ()
SRV:64bit: - (msvsmon90) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation)
SRV - (Akamai) -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_4176eef.dll ()
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (GladFileMonSvc) -- C:\Program Files (x86)\Gladinet\Gladinet Cloud Desktop\GladFileMonSvc.exe (Gladinet, INC)
SRV - (KVPNCSvc) -- C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe (Kerio Technologies Inc.)
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
SRV - (VMAuthdService) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
SRV - (ufad-ws60) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe (VMware, Inc.)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel® -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ()
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (Autodesk Network Licensing Service) -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskNetSrv.exe (Autodesk, Inc.)
SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)


========== Driver Services (SafeList) ==========

DRV:64bit: - (cpuz134) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (LMIRfsClientNP) -- C:\Windows\SysNative\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (pcouffin) -- C:\Windows\SysNative\drivers\pcouffin.sys (VSO Software)
DRV:64bit: - (DKRtWrt) -- C:\Windows\SysNative\drivers\DKRtWrt.sys (Diskeeper Corporation)
DRV:64bit: - (RDPDISPM) -- C:\Windows\SysNative\drivers\rdpdispm.sys (Microsoft Corporation)
DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis)
DRV:64bit: - (tdrpman251) Acronis Try&Decide and Restore Points filter (build 251) -- C:\Windows\SysNative\drivers\tdrpm251.sys (Acronis)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.)
DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.)
DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.)
DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.)
DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.)
DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.)
DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.)
DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (vpcuxd) -- C:\Windows\SysNative\drivers\vpcuxd.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (L1E) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (cpuz132) -- C:\Windows\SysNative\drivers\cpuz132_x64.sys (Windows ® Codename Longhorn DDK provider)
DRV:64bit: - (kvnet) -- C:\Windows\SysNative\drivers\kvnet.sys (Kerio Technologies Inc.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (vncmirror) -- C:\Windows\SysNative\drivers\vncmirror.sys (RealVNC Ltd.)
DRV:64bit: - (ENTECH64) -- C:\Windows\SysNative\drivers\Entech64.sys (EnTech Taiwan)
DRV:64bit: - (V0420VID) Live! Cam Vista IM (VF0420) -- C:\Windows\SysNative\drivers\V0420Vid.sys (Creative Technology Ltd.)
DRV:64bit: - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\SysNative\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV:64bit: - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo)
DRV - (RivaTuner64) -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys ()
DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.)
DRV - (vstor2-ws60) -- C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys (VMware, Inc.)
DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\SysWOW64\drivers\snpstd3.sys (Sonix Co. Ltd.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3F 83 8A 1B A7 7A CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2010.07.19 19:25:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions
[2010.07.19 19:25:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions\[email protected]

O1 HOSTS File: ([2010.08.12 21:53:19 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Mouse Gestures) - {A6A49249-57AE-4295-8D4D-18A9502C7D8E} - C:\Program Files\Internet Explorer\Plugins\Drowse\MouseGestures.dll (Drowse)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Mouse Gestures) - {A6A49249-57AE-4295-8D4D-18A9502C7D8E} - C:\Program Files (x86)\Internet Explorer\Plugins\Drowse\MouseGestures.dll (Drowse)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [CD Autorun] C:\Program Files (x86)\TweakNow PowerPack 2010\CDAuto.exe ()
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ai Nap] C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe ()
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [Cpu Level Up help] C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe ()
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Kerio VPN Client] C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe (Kerio Technologies Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [QFan Help] C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe ()
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe (SONIX)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vmware-tray] C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [MoeMonitor.exe] C:\Users\Administrator\AppData\Local\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.7\MoeMonitor.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Nokia.PCSync] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PcSync2.exe (Nokia)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE Gamer HUD.lnk = C:\Program Files (x86)\GIGABYTE\Gamer HUD\HUD.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O9:64bit: - Extra 'Tools' menuitem : Mouse Gestures... - {4E660F19-E91E-41E1-88EF-D1DFAB118F67} - C:\Program Files\Internet Explorer\Plugins\Drowse\MouseGestures.dll (Drowse)
O9 - Extra Button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files (x86)\Verdict Free\etnxp.dll ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll ()
O9 - Extra 'Tools' menuitem : Mouse Gestures... - {4E660F19-E91E-41E1-88EF-D1DFAB118F67} - C:\Program Files (x86)\Internet Explorer\Plugins\Drowse\MouseGestures.dll (Drowse)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.228.41.65 194.228.41.113
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.11.24 00:01:37 | 000,575,488 | ---- | C] (OldTimer Tools) -- D:\_Jakub Plocha\OTL.exe
[2010.11.21 18:43:08 | 000,000,000 | ---D | C] -- C:\Windows\DEA314C409294250BC9298E4C105F28D.TMP
[2010.11.21 18:43:02 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010.11.21 18:42:19 | 004,503,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2010.11.21 18:42:19 | 000,064,616 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010.11.21 18:42:19 | 000,056,424 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010.11.21 18:42:19 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2010.11.21 18:42:17 | 021,005,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2010.11.21 18:42:17 | 015,227,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2010.11.21 18:42:17 | 003,215,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvencodemft.dll
[2010.11.21 18:42:17 | 002,907,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvencodemft.dll
[2010.11.21 18:42:17 | 000,384,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2010.11.21 18:42:17 | 000,316,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2010.11.21 18:42:15 | 011,906,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2010.11.21 18:42:15 | 002,893,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2010.11.21 18:42:15 | 002,646,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2010.11.21 18:42:15 | 002,106,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2010.11.21 18:42:15 | 002,009,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2010.11.21 18:42:13 | 016,061,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2010.11.21 18:42:13 | 011,647,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2010.11.21 18:42:13 | 005,444,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2010.11.21 18:42:13 | 004,029,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2010.11.21 18:42:13 | 001,592,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2010.11.21 18:42:13 | 000,239,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod1910.dll
[2010.11.21 18:42:13 | 000,239,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod.dll
[2010.11.12 19:46:58 | 004,280,320 | ---- | C] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2010.11.06 22:08:15 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\NVIDIA
[2010.11.06 21:09:18 | 000,000,000 | ---D | C] -- C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
[2010.11.06 21:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010.11.06 21:08:02 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.10.30 23:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.10.30 20:43:34 | 000,180,224 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QTCF.dll
[2010.10.27 11:52:53 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010.10.27 11:52:53 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010.10.27 11:52:53 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010.10.27 11:52:53 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010.10.27 11:52:53 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2010.10.27 11:52:53 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010.10.27 11:52:53 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010.10.27 11:52:50 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2010.10.26 22:05:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010.10.26 20:35:14 | 000,000,000 | ---D | C] -- D:\_Jakub Plocha\TESTING - OVER CLOCKING
[2010.10.26 19:53:10 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\DivX
[2010.10.26 19:52:57 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010.10.26 19:52:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.10.26 19:50:14 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.10.25 20:32:35 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\PicasaDownloader
[2010.01.21 21:32:29 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Administrator\AppData\Roaming\pcouffin.sys
[2009.12.14 20:48:24 | 000,172,032 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnpstd3.dll
[2009.12.14 20:48:24 | 000,061,440 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnpstd3.dll
[2009.12.14 20:48:24 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnpstd3.dll
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.11.24 00:34:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.11.24 00:01:38 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\_Jakub Plocha\OTL.exe
[2010.11.23 16:37:12 | 000,014,864 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.23 16:37:12 | 000,014,864 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.23 16:11:14 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.11.23 16:01:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.23 00:26:41 | 000,001,037 | ---- | M] () -- C:\Users\Administrator\AppData\Local\Account.atomsvc
[2010.11.23 00:23:21 | 2146,734,079 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.23 00:14:28 | 000,002,004 | -H-- | M] () -- D:\_Jakub\Default.rdp
[2010.11.22 21:49:21 | 001,486,768 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.11.22 21:49:21 | 000,638,764 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.11.22 21:49:21 | 000,621,936 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.22 21:49:21 | 000,124,832 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.11.22 21:49:21 | 000,108,782 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.11.22 00:05:48 | 000,007,576 | ---- | M] () -- D:\_Jakub\cc_20101122_000546.reg
[2010.11.21 14:54:01 | 000,228,318 | ---- | M] () -- D:\_Jakub Plocha\WER-72665-0.sysdata.xml
[2010.11.21 14:52:26 | 000,262,144 | ---- | M] () -- D:\_Jakub Plocha\112110-20576-01.dmp
[2010.11.20 23:05:39 | 004,343,304 | ---- | M] () -- D:\_Jakub Plocha\skype_v3_1.14.7.sis
[2010.11.20 18:22:35 | 000,009,150 | ---- | M] () -- D:\_Jakub Plocha\spotřeby.xlsx
[2010.11.20 17:19:12 | 000,031,302 | ---- | M] () -- D:\_Jakub Plocha\Antec Power Supply Calculator - Print Results.pdf
[2010.11.20 10:35:37 | 000,652,511 | ---- | M] () -- D:\_Jakub Plocha\ZPS Praha 2.pdf
[2010.11.20 10:35:09 | 002,188,484 | ---- | M] () -- D:\_Jakub Plocha\ZPS Praha 1.pdf
[2010.11.20 01:55:37 | 000,019,028 | ---- | M] () -- D:\_Jakub\cc_20101120_015534.reg
[2010.11.18 16:19:21 | 000,481,021 | ---- | M] () -- D:\_Jakub Plocha\Skype4MP.MPI
[2010.11.18 16:17:06 | 000,141,881 | ---- | M] () -- D:\_Jakub Plocha\Skype4MP_1.0.0.2.zip
[2010.11.18 16:16:02 | 000,013,855 | ---- | M] () -- D:\_Jakub Plocha\MySkype.xml
[2010.11.17 17:53:58 | 000,060,416 | ---- | M] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.14 22:49:52 | 000,001,436 | ---- | M] () -- D:\_Jakub\cc_20101114_224944.reg
[2010.11.13 11:15:21 | 000,000,917 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\coreavc.ini
[2010.11.12 19:46:58 | 004,280,320 | ---- | M] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2010.11.11 22:27:35 | 000,030,628 | ---- | M] () -- D:\_Jakub Plocha\Ráj šití.cz.pdf
[2010.11.07 00:54:53 | 001,047,418 | ---- | M] () -- D:\_Jakub Plocha\psysx test.png
[2010.10.30 23:30:20 | 000,115,254 | ---- | M] () -- D:\_Jakub\cc_20101031_003014.reg
[2010.10.29 23:07:26 | 001,005,060 | ---- | M] () -- D:\_Jakub Plocha\SHOZU+V4.1.60+S60V3.rar
[2010.10.27 18:19:06 | 000,222,444 | ---- | M] () -- D:\_Jakub\děda Pachta_27-10_20-18-51.wav
[2010.10.26 22:36:43 | 000,921,478 | ---- | M] () -- D:\_Jakub Plocha\maya.dwg
[2010.10.26 22:29:25 | 000,125,874 | ---- | M] () -- D:\_Jakub Plocha\Výstřižek.PNG
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.11.23 00:26:41 | 000,001,037 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Account.atomsvc
[2010.11.22 00:05:47 | 000,007,576 | ---- | C] () -- D:\_Jakub\cc_20101122_000546.reg
[2010.11.21 18:42:19 | 000,009,832 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2010.11.21 14:56:09 | 000,228,318 | ---- | C] () -- D:\_Jakub Plocha\WER-72665-0.sysdata.xml
[2010.11.21 14:55:21 | 000,262,144 | ---- | C] () -- D:\_Jakub Plocha\112110-20576-01.dmp
[2010.11.20 23:05:07 | 004,343,304 | ---- | C] () -- D:\_Jakub Plocha\skype_v3_1.14.7.sis
[2010.11.20 18:22:35 | 000,009,150 | ---- | C] () -- D:\_Jakub Plocha\spotřeby.xlsx
[2010.11.20 17:15:28 | 000,031,302 | ---- | C] () -- D:\_Jakub Plocha\Antec Power Supply Calculator - Print Results.pdf
[2010.11.20 10:35:36 | 000,652,511 | ---- | C] () -- D:\_Jakub Plocha\ZPS Praha 2.pdf
[2010.11.20 10:35:09 | 002,188,484 | ---- | C] () -- D:\_Jakub Plocha\ZPS Praha 1.pdf
[2010.11.20 01:55:36 | 000,019,028 | ---- | C] () -- D:\_Jakub\cc_20101120_015534.reg
[2010.11.18 16:45:30 | 000,191,488 | ---- | C] () -- C:\Windows\SysNative\unrar.dll
[2010.11.18 16:45:29 | 000,136,704 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll
[2010.11.18 16:17:54 | 000,481,021 | ---- | C] () -- D:\_Jakub Plocha\Skype4MP.MPI
[2010.11.18 16:17:06 | 000,141,881 | ---- | C] () -- D:\_Jakub Plocha\Skype4MP_1.0.0.2.zip
[2010.11.18 16:16:02 | 000,013,855 | ---- | C] () -- D:\_Jakub Plocha\MySkype.xml
[2010.11.14 22:49:49 | 000,001,436 | ---- | C] () -- D:\_Jakub\cc_20101114_224944.reg
[2010.11.13 11:15:21 | 000,000,917 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\coreavc.ini
[2010.11.11 22:27:35 | 000,030,628 | ---- | C] () -- D:\_Jakub Plocha\Ráj šití.cz.pdf
[2010.11.07 00:54:52 | 001,047,418 | ---- | C] () -- D:\_Jakub Plocha\psysx test.png
[2010.11.02 22:50:21 | 000,222,444 | ---- | C] () -- D:\_Jakub\děda Pachta_27-10_20-18-51.wav
[2010.10.30 23:30:17 | 000,115,254 | ---- | C] () -- D:\_Jakub\cc_20101031_003014.reg
[2010.10.29 23:07:15 | 001,005,060 | ---- | C] () -- D:\_Jakub Plocha\SHOZU+V4.1.60+S60V3.rar
[2010.10.26 22:33:12 | 000,921,478 | ---- | C] () -- D:\_Jakub Plocha\maya.dwg
[2010.10.26 22:29:25 | 000,125,874 | ---- | C] () -- D:\_Jakub Plocha\Výstřižek.PNG
[2010.10.01 19:42:08 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2010.04.06 19:42:17 | 000,000,460 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.02.14 19:40:56 | 000,676,224 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.dll
[2010.01.25 10:58:06 | 000,462,848 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll
[2010.01.21 21:33:13 | 000,001,041 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\vso_ts_preview.xml
[2010.01.21 21:32:56 | 000,000,034 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\pcouffin.log
[2010.01.21 21:32:29 | 000,099,384 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\inst.exe
[2010.01.21 21:32:29 | 000,007,859 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\pcouffin.cat
[2010.01.21 21:32:29 | 000,001,167 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\pcouffin.inf
[2010.01.14 22:28:33 | 000,060,416 | ---- | C] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.14 20:48:25 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2009.12.12 21:29:01 | 000,007,659 | ---- | C] () -- C:\Users\Administrator\AppData\Local\resmon.resmoncfg
[2009.12.08 01:56:13 | 001,483,006 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.12.07 21:47:40 | 000,000,088 | RHS- | C] () -- C:\ProgramData\334D59810A.sys
[2009.12.07 21:47:39 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2009.12.07 01:08:06 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009.12.07 01:08:06 | 000,013,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009.12.07 01:08:05 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009.12.07 01:08:05 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009.12.07 00:02:42 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2009.12.08 01:57:38 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ACD Systems
[2009.12.14 00:26:28 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Acronis
[2010.09.21 23:28:39 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\aignes
[2010.07.01 23:08:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Autodesk
[2010.08.03 23:29:02 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Bao_Nguyen
[2010.06.06 20:21:37 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Estalo
[2010.07.30 23:46:37 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\EXIF Date Changer
[2010.06.20 17:12:30 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\GHISLER
[2009.12.07 22:08:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Kerio
[2010.11.18 19:12:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\MAXON
[2010.05.03 21:36:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\MotionDSP
[2010.01.14 23:27:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mp3tag
[2010.09.14 20:32:58 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Need for Speed World
[2009.12.08 21:06:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Nokia
[2010.07.19 19:24:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OpenCandy
[2010.03.15 21:06:17 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Opera
[2009.12.08 21:06:27 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PC Suite
[2010.10.25 20:32:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PicasaDownloader
[2010.01.14 22:59:23 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SanDisk
[2010.06.04 19:59:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TeamViewer
[2010.04.12 23:17:46 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Thinstall
[2009.12.10 20:57:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TuneUp Software
[2010.04.05 17:40:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TuxPaint
[2010.04.12 23:22:08 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TweakNow PowerPack 2010
[2010.07.29 21:24:10 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Tyre
[2010.01.22 20:06:42 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Vso
[2009.12.13 00:47:37 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Zoner
[2010.09.02 23:36:50 | 000,032,564 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP